WordPress.org

Make WordPress Core

Ticket #11311: 11311-2.patch

File 11311-2.patch, 809 bytes (added by jacklenox, 5 years ago)

I feel a bit hesitant sharing this, but here's a slight twist on Alex's original patch that seems to work for every case I can think of. It allows through ampersands that are surrounded by spaces. This seems to fit most use cases when people would want to use an ampersand in a title or body content. Any thoughts?

  • wp-includes/kses.php

     
    14261426 */
    14271427function wp_kses_normalize_entities($string) {
    14281428        // Disarm all entities by converting & to &
     1429        $string = str_replace(' & ', ' %%ampplaceholder%% ', $string);
    14291430        $string = str_replace('&', '&', $string);
    14301431
    14311432        // Change back the allowed entities in our entity whitelist
     
    14331434        $string = preg_replace_callback('/&#(0*[0-9]{1,7});/', 'wp_kses_normalize_entities2', $string);
    14341435        $string = preg_replace_callback('/&#[Xx](0*[0-9A-Fa-f]{1,6});/', 'wp_kses_normalize_entities3', $string);
    14351436
     1437        $string = str_replace(' %%ampplaceholder%% ', ' & ', $string);
     1438
    14361439        return $string;
    14371440}
    14381441