WordPress.org

Make WordPress Core

Changeset 12126


Ignore:
Timestamp:
10/29/2009 05:32:23 PM (11 years ago)
Author:
ryan
Message:

Switch to wp_kses_data() for displayed filtering to avoid slashing. fixes #10949

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/default-filters.php

    r12125 r12126  
    2323foreach ( array( 'term_name', 'comment_author_name', 'link_name', 'link_target', 'link_rel', 'user_display_name', 'user_first_name', 'user_last_name', 'user_nickname' ) as $filter ) {
    2424    add_filter( $filter, 'sanitize_text_field'  );
    25     add_filter( $filter, 'wp_filter_kses'       );
     25    add_filter( $filter, 'wp_kses_data'       );
    2626    add_filter( $filter, '_wp_specialchars', 30 );
    2727}
     
    4747foreach ( array( 'comment_author_email', 'user_email' ) as $filter ) {
    4848    add_filter( $filter, 'sanitize_email' );
    49     add_filter( $filter, 'wp_filter_kses' );
     49    add_filter( $filter, 'wp_kses_data' );
    5050}
    5151
     
    6262    add_filter( $filter, 'wp_strip_all_tags' );
    6363    add_filter( $filter, 'esc_url'           );
    64     add_filter( $filter, 'wp_filter_kses'    );
     64    add_filter( $filter, 'wp_kses_data'    );
    6565}
    6666
Note: See TracChangeset for help on using the changeset viewer.