[wp-trac] [WordPress Trac] #14361: the_title does not escape HTML special characters properly
WordPress Trac
noreply at wordpress.org
Wed May 28 03:37:40 UTC 2014
#14361: the_title does not escape HTML special characters properly
----------------------------+-----------------------------
Reporter: peaceablewhale | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Future Release
Component: Themes | Version: 3.0
Severity: normal | Resolution:
Keywords: close | Focuses: template
----------------------------+-----------------------------
Changes (by obenland):
* keywords: needs-patch 2nd-opinion => close
Comment:
As Nacin pointed out, HTML is allowed in titles. And even if we were to
add a kses filter on save, it could break existing post's titles on
updates.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/14361#comment:9>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list