[wp-trac] [WordPress Trac] #5663: URL sanitization is too restrictive

WordPress Trac wp-trac at lists.automattic.com
Mon Jan 14 10:26:32 GMT 2008

#5663: URL sanitization is too restrictive
 Reporter:  nbachiyski  |       Owner:  anonymous
     Type:  defect      |      Status:  new      
 Priority:  normal      |   Milestone:  2.5      
Component:  General     |     Version:           
 Severity:  normal      |    Keywords:           
 Url sanitization is too strict, it allows only character from the
 following class: {{{[^a-z0-9-~+_.?#=!&;,/:%@]}}}

 A URL can contain every possible character, so we shouldn't strip them,
 but just escape accordingly.

Ticket URL: <http://trac.wordpress.org/ticket/5663>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list