Changes between Initial Version and Version 1 of Ticket #49190, comment 2
- Timestamp:
- 01/16/2020 09:48:04 PM (5 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #49190, comment 2
initial v1 1 1 > It shouldn't be using esc_html() on the title, because titles can contain markup, so you've identified a bug in the comment.php. 2 2 3 Makes sense! Would `wp_kses_post()` be a suitable replacement in these cases? It seems like we wouldn't want to eliminate those `em` or `bold` tags entirely, and something like `strip_tags()` or `esc_attr()` would do that. 3 Makes sense! Would `wp_kses_post()` be a suitable replacement in these cases? It seems like we wouldn't want to eliminate those `em` or `bold` tags entirely, and something like `strip_tags()` or `esc_attr()` would do that. But on the other hand, there are probably a number of HTML tags that are allowed in posts that wouldn't make sense to display in a post title. 😕