[wp-trac] [WordPress Trac] #25422: Don't escape plugin author field when deleting plugin
WordPress Trac
noreply at wordpress.org
Thu Oct 8 23:13:02 UTC 2015
#25422: Don't escape plugin author field when deleting plugin
--------------------------+-----------------------------
Reporter: johnbillion | Owner: johnbillion
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 4.4
Component: Plugins | Version:
Severity: normal | Resolution: fixed
Keywords: has-patch | Focuses: administration
--------------------------+-----------------------------
Changes (by johnbillion):
* status: assigned => closed
* resolution: => fixed
Comment:
In [changeset:"34973"]:
{{{
#!CommitTicketReference repository="" revision="34973"
Remove HTML escaping for the plugin name and author fields that are
displayed when deleting a plugin.
While it might seem counter-intuitive to remove HTML escaping, these
fields are already safe (they originate in
`_get_plugin_data_markup_translate()` which handles sanitization and
escaping), and the AuthorName field actually allows some HTML. This change
prevents escaped HTML from appearing here.
Fixes #25422
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/25422#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list