WordPress.org

Make WordPress Core

Changeset 11706


Ignore:
Timestamp:
07/11/09 04:17:47 (6 years ago)
Author:
azaozz
Message:

Properly escape the title in the feed widget, props nbachiyski, fixes #10378 for 2.8

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/2.8/wp-includes/default-widgets.php

    r11650 r11706  
    713713            $desc = esc_attr(strip_tags(@html_entity_decode($rss->get_description(), ENT_QUOTES, get_option('blog_charset')))); 
    714714            if ( empty($title) ) 
    715                 $title = htmlentities(strip_tags($rss->get_title())); 
     715                $title = esc_html(strip_tags($rss->get_title())); 
    716716            $link = esc_url(strip_tags($rss->get_permalink())); 
    717717            while ( stristr($link, 'http') != $link ) 
Note: See TracChangeset for help on using the changeset viewer.