Make WordPress Core

Opened 14 years ago

Last modified 4 years ago

#14584 reopened defect (bug)

HTML entities in category and tag elements

Reported by: lavamind's profile lavamind Owned by:
Milestone: Priority: normal
Severity: normal Version: 2.1
Component: Export Keywords: has-patch
Focuses: Cc:

Description

The script wp-admin/includes/export.php creates CDATA blocks for category and tag data which contain HTML entities. Normally, these characters should appear un-encoded in the CDATA blocks, see #4321.

I suspect this problem may have been considered at some point, but currently the line in question is commented out : http://core.trac.wordpress.org/browser/trunk/wp-admin/includes/export.php?rev=9148#L102

The solution, I think, would be to replace that comment with html_entity_decode($str)

Attachments (5)

14584.diff (2.2 KB) - added by lavamind 14 years ago.
14584v2.diff (467 bytes) - added by c3mdigital 11 years ago.
Patch refresh
14584v3.diff (479 bytes) - added by ianmjones 10 years ago.
Patch refreshed to apply cleanly on current repository layout.
14584.4.patch (479 bytes) - added by ianmjones 10 years ago.
Patch refreshed for 4.2
14584.patch (536 bytes) - added by ianmjones 8 years ago.
Refreshed for 4.6, replaced commented out red-herring code with explanation of why encoded html entities are in CDATA.

Download all attachments as: .zip

Change History (12)

@lavamind
14 years ago

@c3mdigital
11 years ago

Patch refresh

#1 @c3mdigital
11 years ago

  • Keywords has-patch added
  • Version changed from 3.0.1 to 2.1

Refreshing patch.

@ianmjones
10 years ago

Patch refreshed to apply cleanly on current repository layout.

#2 @ianmjones
10 years ago

  • Resolution set to worksforme
  • Status changed from new to closed

Confirmed and tested refreshed patch (14584v3.diff) on 4.1-alpha-30000.
Tested import unaffected by change to more compliant CDATA format.

#3 @ianmjones
10 years ago

  • Resolution worksforme deleted
  • Status changed from closed to reopened

#4 @ianmjones
10 years ago

  • Keywords needs-testing added

@ianmjones
10 years ago

Patch refreshed for 4.2

#5 @chriscct7
9 years ago

  • Keywords needs-refresh added

@ianmjones
8 years ago

Refreshed for 4.6, replaced commented out red-herring code with explanation of why encoded html entities are in CDATA.

#6 follow-up: @ianmjones
8 years ago

  • Keywords needs-refresh removed

The importer requires that the CDATA contain data in the same format that will be inserted into the database, which means html entity encoded characters are required.

#7 in reply to: ↑ 6 @earnjam
4 years ago

  • Keywords needs-testing removed

Replying to ianmjones:

The importer requires that the CDATA contain data in the same format that will be inserted into the database, which means html entity encoded characters are required.

So I guess changing it would break the importer. In order to patch in core, we'd have to also update the importer plugin to account for this.

This commented out line has been there since cats/tags were first included in exports. See #3403.

Given how little impact this appears to have had in 14 years, I don't think we should change it. We could clean it up a bit by removing the commented out code and explain why they are not decoded, like 14584.patch does. But if we do that, I would clarify the wording a bit that it's dependent on the importer.

Note: See TracTickets for help on using tickets.