[wp-trac] [WordPress Trac] #54184: HTML entities get decoded in Customizer text fields
WordPress Trac
noreply at wordpress.org
Sun Sep 26 00:19:10 UTC 2021
#54184: HTML entities get decoded in Customizer text fields
-------------------------------------------------+-------------------------
Reporter: jqz | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting
| Review
Component: Customize | Version: 5.8.1
Severity: normal | Keywords:
Focuses: ui, administration, coding- |
standards |
-------------------------------------------------+-------------------------
= Part 1
1. Use `WP_Customize_Manager::add_setting()` and
`WP_Customize_Manager::add_control()` to create a `text` setting/control
with the default value `©`;
2. Navigate to the newly added setting in the Customizer.
== Expected Result
The literal text `©` is in the edit box (as specified for the default
value).
== Actual Result
A copyright symbol (`©`) is in the edit box.
= Part 2
1. Enter the text `&` in the above edit box (replacing what was
there);
2. Publish (save) settings;
3. Reload the page and navigate to the setting once again.
== Expected Result
The literal text `&` is in the edit box (as originally entered).
== Actual Result
Only a single ampersand symbol (`&`) is in the edit box.
= Note
Same results if the setting is given type `textarea`.
Whatever is entered into text controls, or provided for a default value,
should be preserved as is. The WordPress Customizer has no knowledge of
how it is going to be used and should not make presumptions that it is
going to be used in HTML output.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/54184>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list