[wp-trac] [WordPress Trac] #61827: wp_check_comment_disallowed_list() can't be used to match unprocessed HTML

WordPress Trac noreply at wordpress.org
Wed Aug 7 23:44:35 UTC 2024


#61827: wp_check_comment_disallowed_list() can't be used to match unprocessed HTML
--------------------------------------+---------------------
 Reporter:  cfinke                    |       Owner:  (none)
     Type:  defect (bug)              |      Status:  new
 Priority:  normal                    |   Milestone:  6.7
Component:  Comments                  |     Version:  6.6.1
 Severity:  normal                    |  Resolution:
 Keywords:  has-patch has-unit-tests  |     Focuses:
--------------------------------------+---------------------

Comment (by thompsonsj):

 @cfinke @mi5t4n `wp_check_comment_disallowed_list()` receives filtered
 comment data. As a result, I checked further up the function calls to find
 the most appropriate place to run a 'pre-check' on unfiltered comment
 data.

 `wp_check_comment_disallowed_list()` is called by `wp_allow_comment` which
 is run after comment data is filtered inside the `wp_new_comment`
 function.

 I've suggested a change in https://github.com/WordPress/wordpress-
 develop/pull/7155 that also runs `wp_allow_comment` on comment data before
 it is filtered. If a `trash` approved status is returned, the comment will
 keep that status. If not, `wp_allow_comment` is run on filtered comment
 data as is the case at the moment.

 Unit tests added.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/61827#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list