WordPress.org

Make WordPress Core

Opened 2 years ago

Closed 18 months ago

Last modified 18 months ago

#20170 closed defect (bug) (invalid)

The Incutio XML-RPC Library does not strip invalid XML characters

Reported by: tszming Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.3.1
Component: XML-RPC Keywords:
Focuses: Cc:

Description (last modified by SergeyBiryukov)

Not sure how to contact the library' author, but as I experienced this issue when using with the wordpress's class-IXR.php, so I report here (http://scripts.incutio.com/xmlrpc/)

See the attached script to reproduce the problem: There is a BEL (07) between the character A and B, and the client send the invalid character to the server.

Probably need to filter out the string like this ticket: #19998

Attachments (2)

xmlrpc-parser-error.php (318 bytes) - added by tszming 2 years ago.
file-encoding-problem.png (21.2 KB) - added by bpetty 18 months ago.

Download all attachments as: .zip

Change History (4)

tszming2 years ago

comment:1 bpetty18 months ago

  • Component changed from General to XML-RPC
  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

You should look at your source file encodings a little closer. The problem is actually in your own source code. See file-encoding-problem.png as shown in my editor.

comment:2 SergeyBiryukov18 months ago

  • Description modified (diff)
Note: See TracTickets for help on using tickets.