[wp-trac] [WordPress Trac] #14996: Inserting an video/audio/media with an apostrophe in the title results in \' in the HTML
WordPress Trac
wp-trac at lists.automattic.com
Wed Oct 6 04:10:01 UTC 2010
#14996: Inserting an video/audio/media with an apostrophe in the title results in
\' in the HTML
----------------------------+-----------------------------------------------
Reporter: layotte | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version: 3.0.1
Severity: normal | Keywords: has-patch needs-testing
----------------------------+-----------------------------------------------
Comment(by layotte):
The > < chars are already fine already...
Only the quotes are being escaped and it looks like it is part of
$_POST[insertonly][title]...
esc_attr is already being applied, but I think because the quotes are
already escaped it isn't trying to convert them. I tried switching to
esc_html and htmlspecialchars with no difference.
So this:
Lew's >, <, & "quote"
becomes:
Lew\'s >, <, & \"quote\"
If I don't stripslashes.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/14996#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list