[wp-trac] Re: [WordPress Trac] #5998: Invalid Unicode characters
WordPress Trac
wp-trac at lists.automattic.com
Thu Jun 25 16:19:06 GMT 2009
#5998: Invalid Unicode characters
--------------------------+-------------------------------------------------
Reporter: shelleyp | Owner: hakre
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: 2.9
Component: Security | Version: 2.3.3
Severity: critical | Keywords: needs-patch
--------------------------+-------------------------------------------------
Comment(by hakre):
Technically, the input (this time a post request) data's encoding must be
checked against the form encoding. I must check the default theme what is
fitting here, I would assume this is the blog charset option.
So checking for valid UTF8 is only fitting for UTF8 blogs (naturally). I
think it is a good Idea to have at least UTF8 input validation as well as
latin1. I dunno wehter other charset are officially supported by wordpress
or not.
I do not know as well wether or not other input data is properly validated
in terms of the encoding.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/5998#comment:13>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list