[wp-hackers] WordPress 2.0.3 Tuneup Plugin
Michael D Adams
mikea at turbonet.com
Wed Jun 7 18:50:48 GMT 2006
On Jun 5, 2006, at 12:56 PM, Brian Layman wrote:
>> Michael Adams wrote:
>> The redirection bug only surfaces if you have disabled sending
>> referrers
>> or if the HTTP_REFERER value is otherwise empty. Click edit on some
>> comment and then hit enter from your browser's location bar to
>> reload the
>> page without sending a REFERER header to test.
>>
> Assuming these steps to duplicate work, I would still like to know
> where the
> extra slashes appear (issue [2]).
>
They do work. Go ahead and try them out.
The slashes appear whenever you go through a POST type Are You Sure
dialog (as opposed to a GET type). In an unpatched and unplugged WP
2.0.3 (tag 2.0.3 or revision #3825), edit a comment with single
quote, a double quote and a slash in it somewhere.
Are you running 2.0.3? I believe some recent change in *trunk's*
TinyMCE turns quotes into entities before POSTing (so quotes would
not get escaped, only slashes would). This is one reason the bug was
not discovered pre-release; people believed that testing on trunk was
good enough.
Michael
More information about the wp-hackers
mailing list