[wp-trac] [WordPress Trac] #3991: Default theme allows markup in
titles
WordPress Trac
wp-trac at lists.automattic.com
Sun Mar 18 12:55:57 GMT 2007
#3991: Default theme allows markup in titles
----------------------+-----------------------------------------------------
Reporter: elharo | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.1.3
Component: Template | Version: 2.1.2
Severity: normal | Keywords:
----------------------+-----------------------------------------------------
Tags are allowed in the title of a Wordpress post. They are returned by
the_title() function. They must not be used in attribute values, but in
the default theme they are. For example, create a post with this title:
<strong style="color: green">Strong</strong> Test for Markup In Titles &
Summaries
Publish it with the default theme. Look at the post. You'll see the bug.
This occurs in both index.php and single.php. The headers end up like
this:
<h1 class="single"><a href="http://www.elharo.com/blog/software-
development/web-development/2007/03/17/a-strong-test-for-markup-in-titles-
summaries/" rel="bookmark" title="Permanent Link: A <strong style="color:
green">Strong</strong> Test for Markup In Titles & Summaries">A
<strong style="color: green">Strong</strong> Test for Markup In Titles
& Summaries</a></h1>
Notice how a tag has snuck into the title attribute. This is invalid HTML,
and browsers deal with it inconsistently, but in none of them is this
good. The fix is to change
Permanent Link to <?php the_title(); ?>
to
Permanent Link to <?php the_title()_rss; ?>.
You need to do this in at least three files, archive, single.php, and
index.php.
--
Ticket URL: <http://trac.wordpress.org/ticket/3991>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list