[wp-trac] Re: [WordPress Trac] #3299: clean_url() not working for non-HTTP URLS

WordPress Trac wp-trac at lists.automattic.com
Mon Jul 2 12:54:17 GMT 2007

#3299: clean_url() not working for non-HTTP URLS
 Reporter:  redclown     |        Owner:  pishmishy   
     Type:  defect       |       Status:  assigned    
 Priority:  normal       |    Milestone:  2.4 (future)
Component:  General      |      Version:  2.3         
 Severity:  normal       |   Resolution:              
 Keywords:  needs-patch  |  
Changes (by westi):

  * keywords:  has-patch => needs-patch


 -1 to current patch

 If we are to support other types of url in clean_url then they should be

 clean_url is used to sanitise things like commenter urls so we must ensure
 that things like javascript cannot be used to stop possible XSS attacks.

Ticket URL: <http://trac.wordpress.org/ticket/3299#comment:8>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list