WordPress.org
Get WordPress

Make WordPress Core

Ticket #6642: bug6642.patch

File bug6642.patch, 475 bytes (added by schiller, 17 years ago)

Patch for kses, prevents adjacent hyphens in a HTML/XML comment

  • kses.php

     
    429429                        $string = $newstring;
    430430                if ( $string == '' )
    431431                        return '';
     432                // prevent multiple dashes in comments
     433                $string = preg_replace('/--+/', '-', $string);
     434                // prevent three dashes closing a comment
     435                $string = preg_replace('/-$/', '', $string);
    432436                return "<!--{$string}-->";
    433437        }
    434438        # Allow HTML comments