Context Navigation

← Previous Changeset
Next Changeset →

Changeset 43270

Timestamp:

05/15/2018 02:07:32 PM (5 years ago)

Author:

azaozz

Message:

Privacy: Escape comment URLs in personal export file to prevent XSS.

There doesn't appear to be any way for an attacker to introduce malicious input into the URL, unless a plugin is filtering the URL to add it, but it's better to be safe than sorry.

Props birgire.
Merges [43245] to the 4.9 branch.
Fixes #44054.

Location:

branches/4.9

Files:

: 2 edited

. (modified) (1 prop)
src/wp-includes/comment.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

branches/4.9
- Property svn:mergeinfo changed
  /trunk merged: 43245

branches/4.9/src/wp-includes/comment.php

-                      r43157
+                      r43270
                 case 'comment_link':
                     $value = get_comment_link( $comment->comment_ID );
+                    $value = '<a href="' . $value . '" target="_blank" rel="noreferrer noopener">' . $value . '</a>';
+                    $value = sprintf(
+                        '<a href="%s" target="_blank" rel="noreferrer noopener">%s</a>',
+                        esc_url( $value ),
+                        esc_html( $value )
+                    );
                     break;
+            }

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Make WordPress Core

Context Navigation

Changeset 43270

Legend:

branches/4.9

branches/4.9/src/wp-includes/comment.php

Download in other formats: