[wp-trac] [WordPress Trac] #21537: Email address sanitisation mangles valid email addresses

WordPress Trac noreply at wordpress.org
Mon Jul 20 18:00:53 UTC 2015


#21537: Email address sanitisation mangles valid email addresses
--------------------------------------------+------------------------------
 Reporter:  westi                           |       Owner:
     Type:  defect (bug)                    |      Status:  new
 Priority:  normal                          |   Milestone:  Awaiting Review
Component:  Formatting                      |     Version:  3.4.1
 Severity:  normal                          |  Resolution:
 Keywords:  2nd-opinion has-patch is-email  |     Focuses:
--------------------------------------------+------------------------------
Changes (by miqrogroove):

 * keywords:  2nd-opinion has-patch => 2nd-opinion has-patch is-email


Comment:

 Replying to [comment:6 iandunn]:
 > What about instead of applying ''wp_filter_kses'', we pass the new
 address through PHP's
 ''[http://php.net/manual/en/filter.filters.sanitize.php
 FILTER_SANITIZE_EMAIL]''? That would strip out all characters except
 letters, digits and {{{!#$%&'*+-/=?^_`{|}~@.[]}}}

 I'm curious about this myself, and how it relates to our other is_email
 tickets.  I'm going to tag them all as related for now.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/21537#comment:13>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list