[wp-trac] [WordPress Trac] #24738: id attributes populated by comment_ID() are not escaped
WordPress Trac
noreply at wordpress.org
Fri Jul 12 22:13:19 UTC 2013
#24738: id attributes populated by comment_ID() are not escaped
--------------------------+------------------------------
Reporter: kwight | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Comments | Version: trunk
Severity: normal | Resolution:
Keywords: has-patch |
--------------------------+------------------------------
Comment (by nacin):
If I had my way, get_comment_ID() wouldn't have a filter. (get_the_ID()
doesn't have one either.) That said, it returns an integer. So we
can/should either cast to an integer inside get_comment_ID(), or just
assume that plugin authors won't return something other than an integer.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/24738#comment:1>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list