[wp-trac] [WordPress Trac] #29557: PHP ≤ 5.4.8 Crashes on '[' Character in Posts
WordPress Trac
noreply at wordpress.org
Sun Sep 28 11:45:33 UTC 2014
#29557: PHP ≤ 5.4.8 Crashes on '[' Character in Posts
-----------------------------------+--------------------
Reporter: MrBobDobolina | Owner:
Type: defect (bug) | Status: new
Priority: highest omg bbq | Milestone: 4.0.1
Component: Formatting | Version: 4.0
Severity: blocker | Resolution:
Keywords: wptexturize has-patch | Focuses:
-----------------------------------+--------------------
Comment (by kitchin):
The comment parsing could be simplified. Gecko, Webkit and Trident all
(apparently) use this:
`(<!--.+?-->|<!--+>)`
even in exotic doctypes like xml and 4.01 strict. Despite the W3C, `\s*>`
is not allowed in 4.01 strict. And embedded `--` are ignored, since sgml
legacy is not as important as easily commenting out html (or xml). There's
probably some scenario I missed, but this regex is much simpler than the
one in the latest patch. I separated the clauses completely with `|` to
avoid any issues combining the greedy and non-greedy parts.
Test strings:
Shows 'ab':
{{{
a<!-->b
a<!--->b
a<!---->b
a<!----->b
a<!-- c --->b
a<!-- c -- d -->b
}}}
Does not show 'ab':
{{{
a<!-- c -- >b<!-- close -->
a<!-- >b<!-- close -->
a<!---- >b<!-- close -->
a<!-- <!-- c --> -->b<!-- close -->
}}}
The regex would be a change from current WP because it disallows
whitespace before closing `>`. But that's how the browser renders it
anyway.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/29557#comment:72>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list