[wp-trac] [WordPress Trac] #4452: wpx can include invalid named
entities in comment author name
WordPress Trac
wp-trac at lists.automattic.com
Wed Jun 13 11:06:59 GMT 2007
#4452: wpx can include invalid named entities in comment author name
----------------------------+-----------------------------------------------
Reporter: tellyworth | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone:
Component: Administration | Version:
Severity: normal | Keywords:
----------------------------+-----------------------------------------------
Hi,
WP's xml export doesn't currently escape the conents of many fields,
including the comment author. If those fields include named HTML
entities, that means it's invalid XML. The importer handles it just fine,
but some browsers will complain with an error or refuse to download the
export file if the XML doesn't validate.
Attached is an example of the problem output, and a patch that uses CDATA
escaping on the comment author field. Other fields could be escaped too,
but I've limited the change to the one that I've seen cause a problem in
the wild.
On the import side, get_tag() will accept CDATA on any field now. It
should retain backwards compatibility with export files created prior to
this patch.
--
Ticket URL: <http://trac.wordpress.org/ticket/4452>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list