Accents in attachment filenames should be sanitized
|Reported by:||tar.gz||Owned by:|
|Component:||Permalinks||Keywords:||needs-testing dev-feedback has-patch|
There is an inconsistency in the way WP is sanitizing post slugs and attachment filenames.
Sanitizing the post slugs is a Good Thing(tm) for non-english users who use diacritics in their post titles.
Example: If I write a post with the title "Moiré patterns", the actual page slug will be: "moire-patterns". The space is replaced with a hyphen, the "é" becomes "e". Even if I try to change the slug manually into "moiré", WP won't let me (for my own good, since that URL would break in lesser capable browsers).
For some reason, WP doesn't apply that error-correction to attachment filenames.
Example: If I attach a file named "moiré pattern.png", it gets renamed into "moiré-pattern.png".
We can see that the space (and some other forbidden characters) are corrected by sanitize_file_name(), but diacritics such as "é" or "ä" are left as they are.
Currently, most modern browsers are capable of displaying files with diacritics, but some of them still fail (most prominently, Safari).
For the sake of cross-browser compatibility, attachment filenames should benefit from the same safety measures that we apply for the post slugs (I guess that's the remove_accents() function).
Change History (93)
- Summary changed from Accentes in attachement filenames should be sanitized to Accents in attachement filenames should be sanitized
- Cc code@… added
- Summary changed from Accents in attachement filenames should be sanitized to Accents in attachment filenames should be sanitized
- Keywords has-patch added
- Milestone changed from Awaiting Review to 3.6
2 years ago
- Keywords 4.0-early needs-unit-tests added; 3.9-early removed
- Milestone changed from 3.9 to Future Release
in reply to:
7 months ago
- Keywords needs-refresh added; has-patch needs-unit-tests removed
- Component changed from Upload to Permalinks
- Severity changed from normal to critical