#4307 closed defect (bug) (fixed)
Single quotes in category name breaks Atom feeds
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Priority: | high | Milestone: | 2.2.1 |
| Component: | General | Version: | 2.2 |
| Severity: | critical | Keywords: | has-patch |
| Cc: |
Description
This code in function get_the_category_rss():
if ( 'atom' == $type ) $the_list .= "<category scheme='$home' term='$category->cat_name' />";
Will cause an invalid atom feed if the category name contains a single quote (as in "Otto's category"). The cat_name needs to be passed through htmlentities (probably) to handle the quotes and other special characters.
Attachments (1)
Change History (7)
- Owner changed from anonymous to rob1n
- Status changed from new to assigned
Not sure about the patch. It seems like it would work, but I figured I didn't want to double-encode it, so I grabbed the raw values for the Atom feed.
I'm not sure how convert_chars() and attribute_escape() play together either. Not using get_bloginfo_rss() means the 'get_bloginfo_rss' filter isn't called, though. We should still call that.
Note: See
TracTickets for help on using
tickets.
attribute_escape.