Context Navigation

← Previous Ticket
Next Ticket →

#30682 closed defect (bug) (fixed)

Some Customizer control description HTML is being escaped

Reported by:	coreymckrill4ttf	Owned by:	ocean90
Milestone:	4.1	Priority:	normal
Severity:	normal	Version:	4.1
Component:	Customize	Keywords:	has-patch commit fixed-major
Focuses:	ui	Cc:

Description

In #27981 the esc_html was removed from control description output since they are set programatically, not via user input. However, in 4.1-RC1 I am seeing escaped HTML in the descriptions of image upload controls. My best guess is that this is due to uploader controls now being rendered via JS template.

Attachments (2)

30682.patch (760 bytes) - added by ocean90 8 years ago.
30682.2.patch (601 bytes) - added by ocean90 8 years ago.: Just the description field

Download all attachments as: .zip

Change History (9)

#1 @celloexpressions
8 years ago

Keywords needs-patch added
Milestone changed from Awaiting Review to 4.1

Don't have time to test right now, but that's likely the issue. The double braces should be replaced with triple braces in the control template {{ data.label/description }} to {{{ data.label/description }}}. Related: #29572, #21483.