Make WordPress Core


Ignore:
Timestamp:
02/24/2010 05:37:20 AM (15 years ago)
Author:
ryan
Message:

Whitelist entities. Props miqrogroove. see #12284

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/formatting.php

    r13299 r13358  
    335335    if ( !$double_encode ) {
    336336        $string = wp_specialchars_decode( $string, $_quote_style );
     337
     338        /* Critical */
     339        // The previous line decodes &phrase; into &phrase;  We must guarantee that &phrase; is valid before proceeding.
     340        $string = wp_kses_normalize_entities($string);
     341
     342        // Now proceed with custom double-encoding silliness
    337343        $string = preg_replace( '/&(#?x?[0-9a-z]+);/i', '|wp_entity|$1|/wp_entity|', $string );
    338344    }
Note: See TracChangeset for help on using the changeset viewer.