[wp-trac] [WordPress Trac] #5666: faultString in xmlrpc responses is not properly escaped

WordPress Trac wp-trac at lists.automattic.com
Mon Jan 14 16:51:45 GMT 2008


#5666: faultString in xmlrpc responses is not properly escaped
-------------------------+--------------------------------------------------
 Reporter:  josephscott  |       Owner:  josephscott
     Type:  defect       |      Status:  new        
 Priority:  normal       |   Milestone:  2.5        
Component:  XML-RPC      |     Version:  2.3.2      
 Severity:  normal       |    Keywords:  needs-patch
-------------------------+--------------------------------------------------
 The xmlrpc spec indicates that < and & be encoded as &lt; and &amp; in
 strings.  When an error is returned from an xmlrpc call the IXR class
 doesn't attempt to encode these as it does with regular string values.

 I'm inclined to have IXR make use of htmlspecialchars() for this as it
 does for regular string values.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/5666>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list