[wp-trac] [WordPress Trac] #18319: inline reply removes images
WordPress Trac
wp-trac at lists.automattic.com
Wed Aug 3 12:23:18 UTC 2011
#18319: inline reply removes images
--------------------------------------+------------------------------
Reporter: hebbet | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Comments | Version: 3.2.1
Severity: normal | Resolution:
Keywords: needs-patch dev-feedback |
--------------------------------------+------------------------------
Changes (by SergeyBiryukov):
* keywords: => needs-patch dev-feedback
Comment:
`wp_comment_form_unfiltered_html_nonce()` creates a nonce based on the
post ID of the last comment in the list instead of a current comment, so
the nonce check in `admin-ajax.php` is not satisfied:
{{{
if ( current_user_can('unfiltered_html') ) {
if ( wp_create_nonce('unfiltered-html-comment_' .
$comment_post_ID) != $_POST['_wp_unfiltered_html_comment'] ) {
kses_remove_filters(); // start with a clean slate
kses_init_filters(); // set up the filters
}
}
}}}
What is the proper way to fix this?
--
Ticket URL: <http://core.trac.wordpress.org/ticket/18319#comment:1>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list