[wp-trac] [WordPress Trac] #32257: Patch: add support for multi-line textarea sanitization

WordPress Trac noreply at wordpress.org
Tue Oct 25 22:21:21 UTC 2016

#32257: Patch: add support for multi-line textarea sanitization
 Reporter:  ottok                     |       Owner:  chriscct7
     Type:  enhancement               |      Status:  accepted
 Priority:  normal                    |   Milestone:  4.7
Component:  Formatting                |     Version:
 Severity:  normal                    |  Resolution:
 Keywords:  has-patch has-unit-tests  |     Focuses:

Comment (by ottok):

 The original function allowed some characters to go without being replaced
 by html entities. Are you now suggesting we should due to security reasons
 always encode everything as html entities? Or do you want only the special
 case of '<\n' to be encoded and all other whitespace followed '<' to
 remain as is?

 I assume the latter, that you are concerned only about this special case,
 an a patch for that is attached.

Ticket URL: <https://core.trac.wordpress.org/ticket/32257#comment:24>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list