[wp-trac] [WordPress Trac] #12780: get_search_query() can be confusing as it doesn't sanitize
WordPress Trac
wp-trac at lists.automattic.com
Sat Apr 3 23:40:42 UTC 2010
#12780: get_search_query() can be confusing as it doesn't sanitize
--------------------------+-------------------------------------------------
 Reporter:  Viper007Bond  |       Owner:  ryan
     Type:  defect (bug)  |      Status:  assigned
 Priority:  high          |   Milestone:  3.0
Component:  Template      |     Version:  3.0
 Severity:  normal        |    Keywords:
--------------------------+-------------------------------------------------
Comment(by nacin):
Checking this in and leaving open for now. Since esc_attr and
attribute_escape don't double-escape, this won't have any adverse effects
when the API was used. We're only breaking htmlspecialchars here.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/12780#comment:7>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
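
The double-escaping effect the comment above describes, as an added example (not WordPress core code and not part of the ticket). It is plain PHP so it runs without WordPress; the function names are hypothetical, and `htmlspecialchars()` with `double_encode` set to `false` is an assumed stand-in for the no-double-escape behaviour the comment attributes to esc_attr and attribute_escape.

```php
<?php
// Added example: plain PHP, hypothetical function names, constructed inputs.

// Assumption: stand-in for a get_search_query() that escapes its return value.
function escaped_search_query(string $raw): string {
    return htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
}

// Theme code that wraps the already-escaped value in htmlspecialchars() again.
// The default double_encode = true re-encodes the "&" of every existing entity.
function theme_htmlspecialchars(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

// Stand-in for an escaper that leaves existing entities alone
// (double_encode = false), so applying it a second time changes nothing.
function theme_no_double_escape(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8', false);
}

// Label a caller's output relative to the single-escaped value.
function verdict(string $once, string $again): string {
    return $again === $once ? 'unchanged' : 'double-encoded';
}

// Constructed sample search terms.
$samples = ['plain words', 'AT&T', '"quoted" phrase', "it's <b>bold</b>"];

foreach ($samples as $raw) {
    $once  = escaped_search_query($raw);
    $twice = theme_htmlspecialchars($once);
    $safe  = theme_no_double_escape($once);

    echo "raw:                 $raw\n";
    echo "escaped once:        $once\n";
    echo "+ htmlspecialchars:  $twice (" . verdict($once, $twice) . ")\n";
    echo "+ no-double-escape:  $safe (" . verdict($once, $safe) . ")\n\n";
}
```

Inputs without special characters pass through both callers unchanged, which is why this kind of breakage only shows up for searches containing `&`, quotes or angle brackets.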