WordPress.org

Make WordPress Core

Ticket #2625: escape_title.diff

File escape_title.diff, 592 bytes (added by markjaquith, 9 years ago)

patch for /branches/2.0/

  • wp-includes/comment-functions.php

     
    328328                if (!empty($CSSclass)) { 
    329329                        echo ' class="'.$CSSclass.'"'; 
    330330                } 
    331                 echo ' title="' . sprintf( __('Comment on %s'), $post->post_title ) .'">'; 
     331                $title = wp_specialchars(apply_filters('the_title', get_the_title())); 
     332                echo ' title="' . sprintf( __('Comment on %s'), $title ) .'">'; 
    332333                comments_number($zero, $one, $more, $number); 
    333334                echo '</a>'; 
    334335        }