Changeset 52229 for trunk/src/wp-includes/kses.php

Timestamp:

11/21/2021 05:15:26 PM (4 years ago)

Author:

SergeyBiryukov

Message:

KSES: Use correct global in wp_kses_xml_named_entities().

This fixes a discrepancy where the the global name used in the function did not match the one declared at the beginning of kses.php, and ensures that the function gets the correct array of allowed XML entity names.

Includes unit tests.

Follow-up to [48072].

Props ovidiul, costdev, peterwilsoncc, SergeyBiryukov.
Fixes #54060.

File:

• trunk/src/wp-includes/kses.php (modified) (4 diffs)

trunk/src/wp-includes/kses.php

@@ -460 +460 @@
 
     /**
-     * @var string[] $allowedentitynames Array of KSES allowed HTML entitity names.
+     * @var string[] $allowedentitynames Array of KSES allowed HTML entity names.
      * @since 1.0.0
      */
@@ -720 +720 @@
 
     /**
-     * @var string[] $allowedxmlentitynames Array of KSES allowed XML entitity names.
+     * @var string[] $allowedxmlentitynames Array of KSES allowed XML entity names.
      * @since 5.5.0
      */
-    $allowedxmlnamedentities = array(
+    $allowedxmlentitynames = array(
         'amp',
         'lt',
@@ -1907 +1907 @@
  */
 function wp_kses_xml_named_entities( $matches ) {
-    global $allowedentitynames, $allowedxmlnamedentities;
+    global $allowedentitynames, $allowedxmlentitynames;
 
     if ( empty( $matches[1] ) ) {
@@ -1915 +1915 @@
     $i = $matches[1];
 
-    if ( in_array( $i, $allowedxmlnamedentities, true ) ) {
+    if ( in_array( $i, $allowedxmlentitynames, true ) ) {
         return "&$i;";
     } elseif ( in_array( $i, $allowedentitynames, true ) ) {