WordPress.org

Make WordPress Core

Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#16489 closed defect (bug) (fixed)

HTML tags img, pre are cut out from comments

Reported by: advanpix Owned by: ryan
Milestone: 3.1 Priority: normal
Severity: major Version: 3.0.5
Component: Comments Keywords:
Focuses: Cc:

Attachments (3)

3.0.diff (718 bytes) - added by nacin 3 years ago.
For the 3.0 branch with a new nightly.
3.1.diff (644 bytes) - added by nacin 3 years ago.
For 3.1 final.
akismet.diff (508 bytes) - added by nacin 3 years ago.
Possible Akismet hotfix.

Download all attachments as: .zip

Change History (11)

comment:1 advanpix3 years ago

I think I found the problem

In 3.0.5 file wp-includes/default-filters.php line 35 looks like:

foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description', 'comment_text' ) as $filter ) {

Just removing bold text and "," before it fixes the bug.

3.0.4 has this line without 'comment_text' - and it was working fine.

comment:2 ocean903 years ago

  • Owner set to ryan
  • Status changed from new to reviewing

Related Changeset: [17400]

comment:3 nacin3 years ago

It's the difference in the surrounding code from [17192] to [17400] that bit us. We're looking at options.

nacin3 years ago

For the 3.0 branch with a new nightly.

nacin3 years ago

For 3.1 final.

nacin3 years ago

Possible Akismet hotfix.

comment:5 nacin3 years ago

  • Resolution set to fixed
  • Status changed from reviewing to closed

(In [17421]) Only run kses on comment_text in the admin. Use wp_kses_post instead of wp_kses_data for a better balance between security and flexibility. fixes #16489 for the 3.0 branch.

comment:6 nacin3 years ago

(In [17422]) Use wp_kses_post instead of wp_kses_data for a better balance between security and flexibility. fixes #16489 for trunk.

comment:7 nacin3 years ago

(In [17423]) Use wp_kses_post instead of wp_kses_data for a better balance between security and flexibility. fixes #16489 for the 3.1 branch.

comment:8 nacin3 years ago

  • Milestone changed from Awaiting Review to 3.1
Note: See TracTickets for help on using tickets.