[wp-trac] [WordPress Trac] #17780: Use PHP native double encoding prevention in htmlspecialchars()
WordPress Trac
noreply at wordpress.org
Thu Jul 9 04:38:50 UTC 2015
#17780: Use PHP native double encoding prevention in htmlspecialchars()
------------------------------------------+--------------------------
Reporter: nbachiyski | Owner: miqrogroove
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: 4.3
Component: Formatting | Version:
Severity: normal | Resolution:
Keywords: needs-patch needs-unit-tests | Focuses:
------------------------------------------+--------------------------
Changes (by chriscct7):
* keywords: has-patch commit => needs-patch needs-unit-tests
* type: enhancement => defect (bug)
Comment:
Replying to [comment:27 azaozz]:
> > Seems like at the time (and maybe still) `_wp_specialchars()` is
getting double encoded strings and is expected to return single encoded.
It is "undocumented behaviour" but not sure if we can remove it.
>
> This broke post titles when there is a `&` (ampersand) in them. To
reproduce:
> - Create new post with an ampersand in the title.
> - Save draft several times.
This would seem to indicate we're missing a unit test for creating a post
with many special characters in the title (one for & in particular), and
then pulling it out and seeing if it matches.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/17780#comment:28>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list