WordPress.org

Make WordPress Core

Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#27131 closed defect (bug) (invalid)

email address in the title breaks in quickedit

Reported by: ryno267 Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.8.1
Component: Quick/Bulk Edit Keywords:
Focuses: Cc:

Description

I had some page titles with email addresses in them (dont ask) and when hit "quick edit" from the pages list I get this after the email in the title field in quickedit:

Using test@domain.com/* <![CDATA[ */(function(){try{var s,a,i,j,r,c,l,b=document.getElementsByTagName("script");l=b[b.length-1].previousSibling;a=l.getAttribute('data-cfemail');if(a){s='';r=parseInt(a.substr(0,2),16);for(j=2;a.length-j;j+=2){c=parseInt(a.substr(j,2),16)^r;s+=String.fromCharCode(c);}s=document.createTextNode(s);l.parentNode.replaceChild(s,l);}}catch(e){}})();/* ]]> */ Email

Original title was "Using test@… Email"

Very repeatable.

  1. Make page with email address in title.
  2. view all pages: /wp-admin/edit.php
  3. click "Quick Edit"

If you update without cleaning it up.. all that code is now part of the title.

Change History (3)

#1 @SergeyBiryukov
7 years ago

That code is not a part of WordPress core.

Looks like it might have to do with CloudFlare "E-mail address obfuscation" feature:
http://techblog.gregmarchal.com/strange-javascript-in-wordpress-quick-edit-comment/

#2 @ryno267
7 years ago

  • Resolution set to invalid
  • Status changed from new to closed

Well sheeeet. cloudflare was enabled for our wiki subdomain (didn't know it was honestly) so turned it to bypass and flushed. Issue gone.

My bad. thanks for the find Sergey! Cheers. closing

#3 @TobiasBg
7 years ago

  • Milestone Awaiting Review deleted
Note: See TracTickets for help on using tickets.