[wp-trac] [WordPress Trac] #61827: wp_check_comment_disallowed_list() can't be used to match unprocessed HTML
WordPress Trac
noreply at wordpress.org
Wed Aug 7 07:19:18 UTC 2024
#61827: wp_check_comment_disallowed_list() can't be used to match unprocessed HTML
--------------------------+---------------------
Reporter: cfinke | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 6.7
Component: Comments | Version: 6.6.1
Severity: normal | Resolution:
Keywords: needs-patch | Focuses:
--------------------------+---------------------
Comment (by mi5t4n):
I was doing some testing, even if we passed the unmodified comment data to
the `wp_check_comment_disallowed_list()` function, there is a line in that
function
{{{#!php
<?php
File: src/wp-includes/comment.php
1360:
1361: // Ensure HTML tags are not being used to bypass the list of
disallowed characters and words.
1362: $comment_without_html = wp_strip_all_tags( $comment );
}}}
Any suggestions on how to resolve this?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/61827#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list