[wp-trac] [WordPress Trac] #15454: esc_textarea() for obvious textarea escaping function.
WordPress Trac
wp-trac at lists.automattic.com
Wed Nov 17 17:14:27 UTC 2010
#15454: esc_textarea() for obvious textarea escaping function.
--------------------------+-------------------------------------------------
Reporter: markjaquith | Owner:
Type: defect (bug) | Status: closed
Priority: high | Milestone: 3.1
Component: General | Version: 3.1
Severity: normal | Resolution: fixed
Keywords: needs-patch |
--------------------------+-------------------------------------------------
Changes (by nacin):
* status: new => closed
* resolution: => fixed
Comment:
This missed the ticket:
(In [16431]) esc_textarea() and application for obvious textarea escaping.
props alexkingorg. fixes #15454
No, esc_html() isn't proper here, because we need to double-encode. The
best function we had for it was wp_htmledit_pre(), or a direct
htmlspecialchars() call.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/15454#comment:3>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list