WordPress.org

Make WordPress Core

Opened 10 years ago

Closed 10 years ago

Last modified 8 years ago

#4307 closed defect (bug) (fixed)

Single quotes in category name breaks Atom feeds

Reported by: Otto42 Owned by: rob1n
Milestone: 2.2.1 Priority: high
Severity: critical Version: 2.2
Component: General Keywords: has-patch
Focuses: Cc:

Description

This code in function get_the_category_rss():

if ( 'atom' == $type )
	$the_list .= "<category scheme='$home' term='$category->cat_name' />";

Will cause an invalid atom feed if the category name contains a single quote (as in "Otto's category"). The cat_name needs to be passed through htmlentities (probably) to handle the quotes and other special characters.

Attachments (1)

4307.diff (1.1 KB) - added by rob1n 10 years ago.

Download all attachments as: .zip

Change History (7)

#1 @rob1n
10 years ago

  • Owner changed from anonymous to rob1n
  • Status changed from new to assigned

attribute_escape.

#2 @rob1n
10 years ago

Not sure about the patch. It seems like it would work, but I figured I didn't want to double-encode it, so I grabbed the raw values for the Atom feed.

#3 @rob1n
10 years ago

  • Keywords has-patch 2nd-opinion added

#4 @ryan
10 years ago

I'm not sure how convert_chars() and attribute_escape() play together either. Not using get_bloginfo_rss() means the 'get_bloginfo_rss' filter isn't called, though. We should still call that.

@rob1n
10 years ago

#5 @rob1n
10 years ago

  • Keywords 2nd-opinion removed

#6 @rob1n
10 years ago

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [5548]) Fix Atom feeds' categories. fixes #4307

Note: See TracTickets for help on using tickets.