[wp-trac] [WordPress Trac] #61246: wp_kses makes HTML comment HTML uncommented
WordPress Trac
noreply at wordpress.org
Tue Sep 3 21:35:41 UTC 2024
#61246: wp_kses makes HTML comment HTML uncommented
-------------------------------------------------+-------------------------
Reporter: kkmuffme | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting
| Review
Component: Formatting | Version:
Severity: normal | Resolution:
Keywords: has-patch has-unit-tests changes- | Focuses:
requested |
-------------------------------------------------+-------------------------
Comment (by dmsnell):
Thanks @hellofromTonya - the bug is still present in `trunk`
{{{#!php
<?php
var_dump( wp_kses_post( 'asd <!-- <a href="other-page.com"
class="hello">world</a> --> asd' ) );
}}}
{{{
string(71) "asd <!-- <a href="other-page.com" class="hello">world</a>
--> asd"
}}}
It //is// a very complicated issue though, particularly since comment
handling is recursive and a fix in one spot might cascade into others.
One big question to answer is whether fixing this in this function would
expose new issues in other places that assume the content coming out of
`wp_kses()` is a certain way. I'd love to see this entire stack of
functions be replaced with a single pass with the Tag Processor, but I
don't yet have all the answers to those questions.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/61246#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list