WordPress.org

Make WordPress Core

Opened 7 years ago

Closed 7 years ago

#28323 closed defect (bug) (invalid)

Incorrect HTML tag filtering in get_comments function.

Reported by: Rextc Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.9.1
Component: Comments Keywords:
Focuses: Cc:

Description

When a guest or normal user posts a comment ending with open HTML tags, they are not properly closed if comments are shown using the get_comments() function. This does not occur when using the wp_list_comments() function.

Example:
Using get_comments(), the following <a> is not properly closed:

This is a great article.<a href="url to malicious site"><del>

This causes all the elements below that comment to become a link to the malicious site. The code being used to show these comments is outlined below.

    <div id="comments">
        <?php
            $comments = get_comments(array("post_id" => get_the_ID(), 'order' => 'ASC'));
            foreach ($comments as $comment) :
        ?>
        <div class="comment"><?php echo $comment->comment_content; ?></div>
        <?php endforeach; ?>
    </div>

Change History (1)

#1 @SergeyBiryukov
7 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

$comment->comment_content gives you raw comment content.

You should use comment_text() instead, which applies force_balance_tags() via comment_text filter.

Note: See TracTickets for help on using tickets.