[wp-trac] [WordPress Trac] #9540: Site Name In <link rel='index'>
Not Escaped
WordPress Trac
wp-trac at lists.automattic.com
Wed Apr 15 16:43:19 GMT 2009
#9540: Site Name In <link rel='index'> Not Escaped
--------------------------+-------------------------------------------------
Reporter: GamerZ | Owner: anonymous
Type: defect (bug) | Status: new
Priority: normal | Milestone: 2.8
Component: Template | Version:
Severity: normal | Keywords:
--------------------------+-------------------------------------------------
In wp-includes/feed.php:
{{{
#!php
function get_index_rel_link() {
$link = "<link rel='index' title='" . get_bloginfo('name') . "'
href='" . get_bloginfo('siteurl') . "' />\n";
return apply_filters( "index_rel_link", $link );
}
}}}
If the site contains a single quote the HTML will be invalid. Attached is
the patch using attributes_escape() to escape quotes.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/9540>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list