[wp-trac] Re: [WordPress Trac] #10056: href not sanitized in media uploader

WordPress Trac wp-trac at lists.automattic.com
Sun Jun 7 02:38:46 GMT 2009


#10056: href not sanitized in media uploader
-------------------------------+--------------------------------------------
 Reporter:  Denis-de-Bernardy  |       Owner:     
     Type:  defect (bug)       |      Status:  new
 Priority:  high               |   Milestone:  2.9
Component:  Media              |     Version:  2.8
 Severity:  normal             |    Keywords:     
-------------------------------+--------------------------------------------
Changes (by Denis-de-Bernardy):

  * priority:  normal => high


Comment:

 Adding to this ticket, this line is problematic:

 {{{
 $title = esc_attr($_POST['insertonly']['title']);
 }}}

 If the stuff is then inserted in a shortcode, it's more convenient (and
 relevant) to have the raw value in the shortcode, since the user might as
 well enter a shortcode manually. The escaped value should be used in the
 default $html, but the raw value should be passed to the filter.

 Additionally, there is no stripslashes call anywhere.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/10056#comment:1>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
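The split the comment asks for, written out as an added example rather than code from WordPress or from the reporter: strip slashes once on the raw form values, escape only at the point of output (esc_url() for the href, esc_attr() for the link text), and hand the raw values to the filter so a shortcode-producing filter is not fed esc_attr() output. The helper name example_insert_only_html() is hypothetical; the filter name is assumed to be the one media.php uses; the function_exists() stand-ins exist only so the file also runs under plain php outside WordPress.

```php
<?php
// Added example, not WordPress's own code. esc_attr(), esc_url() and
// apply_filters() are real WordPress functions; the stand-ins below are
// deliberately minimal and are skipped when WordPress is loaded.
if ( ! function_exists( 'esc_attr' ) ) {
    function esc_attr( $text ) { return htmlspecialchars( $text, ENT_QUOTES, 'UTF-8' ); }
}
if ( ! function_exists( 'esc_url' ) ) {
    // Stand-in: only http(s) links pass; WordPress's esc_url() checks a protocol list.
    function esc_url( $url ) {
        $url = trim( $url );
        return preg_match( '#^https?://#i', $url ) ? htmlspecialchars( $url, ENT_QUOTES, 'UTF-8' ) : '';
    }
}
if ( ! function_exists( 'apply_filters' ) ) {
    function apply_filters( $tag, $value ) { return $value; }
}

/**
 * Hypothetical replacement for the "insert only" branch of the upload handler.
 * Escaped values build the default $html; raw (unslashed) values reach the filter.
 */
function example_insert_only_html( array $insertonly ) {
    // Form values arrive slash-escaped under magic quotes; unslash the raw data once.
    $src   = stripslashes( isset( $insertonly['src'] )   ? $insertonly['src']   : '' );
    $title = stripslashes( isset( $insertonly['title'] ) ? $insertonly['title'] : '' );
    if ( '' === $title ) {
        $title = basename( $src );
    }

    // Escape at output time, with the escaper that matches each context.
    $safe_src   = esc_url( $src );
    $safe_title = esc_attr( $title );
    $html = ( '' !== $safe_src && '' !== $safe_title )
        ? "<a href='{$safe_src}'>{$safe_title}</a>"
        : '';

    // Filters that turn this into a shortcode want the raw values, not esc_attr() output.
    return apply_filters( 'file_send_to_editor_url', $html, $src, $title );
}

// Constructed sample input, slashed the way magic quotes would deliver it.
$sample = array( 'src' => 'http://example.com/a.pdf', 'title' => "O\\'Reilly <b>" );
echo example_insert_only_html( $sample ), "\n";
// Constructed: a non-http scheme, which esc_url() does not let through.
$sample['src'] = 'data:text/html,x';
echo example_insert_only_html( $sample ), "\n";
```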