WordPress.org

Make WordPress Core

Opened 10 years ago

Last modified 4 weeks ago

#14584 reopened defect (bug)

HTML entities in category and tag elements

Reported by: lavamind Owned by:
Milestone: Priority: normal
Severity: normal Version: 2.1
Component: Export Keywords: has-patch
Focuses: Cc:

Description

The script wp-admin/includes/export.php creates CDATA blocks for category and tag data which contain HTML entities. Normally, these characters should appear un-encoded in the CDATA blocks, see #4321.

I suspect this problem may have been considered at some point, but currently the line in question is commented out : http://core.trac.wordpress.org/browser/trunk/wp-admin/includes/export.php?rev=9148#L102

The solution, I think, would be to replace that comment with html_entity_decode($str)

Attachments (5)

14584.diff (2.2 KB) - added by lavamind 10 years ago.
14584v2.diff (467 bytes) - added by c3mdigital 7 years ago.
Patch refresh
14584v3.diff (479 bytes) - added by ianmjones 6 years ago.
Patch refreshed to apply cleanly on current repository layout.
14584.4.patch (479 bytes) - added by ianmjones 5 years ago.
Patch refreshed for 4.2
14584.patch (536 bytes) - added by ianmjones 4 years ago.
Refreshed for 4.6, replaced commented out red-herring code with explanation of why encoded html entities are in CDATA.

Download all attachments as: .zip

Change History (12)

@lavamind
10 years ago

@c3mdigital
7 years ago

Patch refresh

#1 @c3mdigital
7 years ago

  • Keywords has-patch added
  • Version changed from 3.0.1 to 2.1

Refreshing patch.

@ianmjones
6 years ago

Patch refreshed to apply cleanly on current repository layout.

#2 @ianmjones
6 years ago

  • Resolution set to worksforme
  • Status changed from new to closed

Confirmed and tested refreshed patch (14584v3.diff) on 4.1-alpha-30000.
Tested import unaffected by change to more compliant CDATA format.

#3 @ianmjones
6 years ago

  • Resolution worksforme deleted
  • Status changed from closed to reopened

#4 @ianmjones
6 years ago

  • Keywords needs-testing added

@ianmjones
5 years ago

Patch refreshed for 4.2

#5 @chriscct7
5 years ago

  • Keywords needs-refresh added

@ianmjones
4 years ago

Refreshed for 4.6, replaced commented out red-herring code with explanation of why encoded html entities are in CDATA.

#6 follow-up: @ianmjones
4 years ago

  • Keywords needs-refresh removed

The importer requires that the CDATA contain data in the same format that will be inserted into the database, which means html entity encoded characters are required.

#7 in reply to: ↑ 6 @earnjam
4 weeks ago

  • Keywords needs-testing removed

Replying to ianmjones:

The importer requires that the CDATA contain data in the same format that will be inserted into the database, which means html entity encoded characters are required.

So I guess changing it would break the importer. In order to patch in core, we'd have to also update the importer plugin to account for this.

This commented out line has been there since cats/tags were first included in exports. See #3403.

Given how little impact this appears to have had in 14 years, I don't think we should change it. We could clean it up a bit by removing the commented out code and explain why they are not decoded, like 14584.patch does. But if we do that, I would clarify the wording a bit that it's dependent on the importer.

Note: See TracTickets for help on using tickets.