[wp-trac] [WordPress Trac] #62436: Add proper escaping for dynamic values in login template
WordPress Trac
noreply at wordpress.org
Thu Jan 23 08:35:23 UTC 2025
#62436: Add proper escaping for dynamic values in login template
-----------------------------------------+-------------------------------
Reporter: im3dabasia1 | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 6.8
Component: General | Version:
Severity: normal | Resolution:
Keywords: has-patch close 2nd-opinion | Focuses: coding-standards
-----------------------------------------+-------------------------------
Changes (by audrasjb):
* keywords: has-patch => has-patch close 2nd-opinion
Comment:
Yes, I concur with @sabernhardt's feedback: both strings have very broadly
used filters, and stripping HTML –even with the proposed KSES
implementation– from them would most certainly break a lot of plugins.
My opinion is to close this ticket as `wontfix`.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/62436#comment:6>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list