[wp-trac] [WordPress Trac] #11311: kses converts ampersands to & in post titles, post content, and more

[WordPress Trac]

#11311: kses converts ampersands to & in post titles, post content, and more
------------------------------+-----------------------------
 Reporter:  Viper007Bond      |       Owner:
     Type:  defect (bug)      |      Status:  new
 Priority:  normal            |   Milestone:  Future Release
Component:  Administration    |     Version:  2.9
 Severity:  normal            |  Resolution:
 Keywords:  needs-patch gsoc  |
------------------------------+-----------------------------

Comment (by underground-stockholm):

 "C.12. Using Ampersands in Attribute Values (and Elsewhere)

 In both SGML and XML, the ampersand character ("&") declares the beginning
 of an entity reference (e.g., ® for the registered trademark symbol
 "®"). Unfortunately, many HTML user agents have silently ignored incorrect
 usage of the ampersand character in HTML documents - treating ampersands
 that do not look like entity references as literal ampersands. XML-based
 user agents will not tolerate this incorrect usage, and any document that
 uses an ampersand incorrectly will not be "valid", and consequently will
 not conform to this specification. In order to ensure that documents are
 compatible with historical HTML user agents and XML-based user agents,
 ampersands used in a document that are to be treated as literal characters
 must be expressed themselves as an entity reference (e.g. "&"). For
 example, when the href attribute of the a element refers to a CGI script
 that takes parameters, it must be expressed as http://my.site.dom/cgi-
 bin/myscript.pl?class=guest&name=user rather than as
 http://my.site.dom/cgi-bin/myscript.pl?class=guest&name=user."

 from http://www.w3.org/TR/xhtml1/#C_12

 Looks like this isn't a real bug.

 -- Pete | Rock Madrid | http://rock-madrid.com/

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/11311#comment:8>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software