[wp-trac] [WordPress Trac] #16773: Unescaped preg_match breaks with PHP 5.3 Namespaced Widget Classes.
WordPress Trac
noreply at wordpress.org
Fri Aug 28 10:27:11 UTC 2020
#16773: Unescaped preg_match breaks with PHP 5.3 Namespaced Widget Classes.
-------------------------------------------------+-------------------------
Reporter: 5ubliminal | Owner:
| SergeyBiryukov
Type: defect (bug) | Status: reviewing
Priority: normal | Milestone: 5.6
Component: Widgets | Version: 3.1
Severity: minor | Resolution:
Keywords: needs-unit-tests needs-testing | Focuses:
needs-refresh |
-------------------------------------------------+-------------------------
Comment (by jipmoors):
Looking at the original problem and the current code.
I have a hard time deteremining the problem, if there is any.
The original problem was that a variable was used to construct a regular
expression query, but that has been rewritten in the meanwhile.
Currenty the id_base is used to construct a string which is most likely
(always?) used to fill an HTML ID or FOR attribute. These used to be
restricted on how they had to be restricted but since HTML5 this is very
loosly defined: https://html.spec.whatwg.org/multipage/dom.html#the-id-
attribute
Since everything is working and no other reports have come in, I suggest
closing this issue.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/16773#comment:15>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list