[wp-trac] [WordPress Trac] #39153: Bug in wp_html_split with unclosed PHP tag (or HTML tag <)
WordPress Trac
noreply at wordpress.org
Thu Mar 1 12:54:22 UTC 2018
#39153: Bug in wp_html_split with unclosed PHP tag (or HTML tag <)
-------------------------------------+-------------------------------------
Reporter: crosp | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Formatting | Version: 4.6.1
Severity: normal | Resolution:
Keywords: needs-patch needs-unit- | Focuses: administration,
tests | template
-------------------------------------+-------------------------------------
Comment (by soulseekah):
Your example is not valid HTML. `wp_html_split` assumes valid HTML, one
sanitized via `wp_kses` for example (see docblock for
`do_shortcodes_in_html_tags`):
{{{
* Assumes $content processed by KSES already. Users with unfiltered_html
* capability may get unexpected output if angle braces are nested in tags.
}}}
You can leave the "tag" open, if you use HTML entities, which is the
proper way to do it, I think.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/39153#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list