[wp-trac] [WordPress Trac] #5998: Invalid Unicode characters
WordPress Trac
wp-trac at lists.automattic.com
Fri Nov 6 09:16:12 UTC 2009
#5998: Invalid Unicode characters
--------------------------+-------------------------------------------------
Reporter: shelleyp | Owner: hakre
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: 2.9
Component: Security | Version: 2.3.3
Severity: critical | Keywords: needs-patch
--------------------------+-------------------------------------------------
Changes (by dwright):
* cc: david_v_wright@… (added)
Comment:
In regards to the original reporter's case:
http://core.trac.wordpress.org/ticket/5998#comment:9
It could be strongly argued (http://www.webdevout.net/articles/beware-of-
xhtml) that it is not a good idea to turn on "true XHTML serving in
WordPress" but if this is a valid request, it makes sense to resolve it.
This case is specific to XHTML/XML and UTF-8 and the fact that Firefox
(for example) will 'choke' on non valid code points. (example 
)
It makes sense to me, that since this related to XHTML/XML, handle it as
such.
(although, is it acceptable to assume that the php xml parser will be
avail in standard Wordpress/php setups?)
I am including a patch. (for comment's only, as that is what is specified
in the original report)
btw: text/html mode is not effected by this issue. (current input
filtering handles it)
--
Ticket URL: <http://core.trac.wordpress.org/ticket/5998#comment:14>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list