[wp-trac] [WordPress Trac] #27641: Theme Install screen displays encoded entities
WordPress Trac
noreply at wordpress.org
Wed Apr 2 22:13:14 UTC 2014
#27641: Theme Install screen displays encoded entities
--------------------------+-------------------------------------
Reporter: johnbillion | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 3.9
Component: Themes | Version: trunk
Severity: normal | Keywords: needs-patch 2nd-opinion
Focuses: ui |
--------------------------+-------------------------------------
The theme description (that's displayed in the left hand panel when you
view a theme's details) on the theme install screen is output in the
template using `{{` double curly braces `}}` which encodes the output
instead of outputting it as HTML.
The result is that ampersands show up as `&` instead of `&`. You can
see this in action if you view details of "Alexandria" in the "Featured"
tab.
Is it safe to use `{{{` triple braces `}}}` instead? It should be, but
could do with a second opinion as I'm not sure how much sanitising is done
in the theme repo.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/27641>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list