[wp-trac] [WordPress Trac] #32257: Patch: add support for multi-line textarea sanitization
WordPress Trac
noreply at wordpress.org
Tue Oct 25 22:21:21 UTC 2016
#32257: Patch: add support for multi-line textarea sanitization
--------------------------------------+------------------------
Reporter: ottok | Owner: chriscct7
Type: enhancement | Status: accepted
Priority: normal | Milestone: 4.7
Component: Formatting | Version:
Severity: normal | Resolution:
Keywords: has-patch has-unit-tests | Focuses:
--------------------------------------+------------------------
Comment (by ottok):
The original function allowed some characters to go without being replaced
by html entities. Are you now suggesting we should due to security reasons
always encode everything as html entities? Or do you want only the special
case of '<\n' to be encoded and all other whitespace followed '<' to
remain as is?
I assume the latter, that you are concerned only about this special case,
an a patch for that is attached.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32257#comment:24>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list