Make WordPress Core

Opened 4 years ago

Last modified 21 months ago

#50692 new defect (bug)

WordPress v5.4.2 Escaping Problem in the Edit Media Screen

Reported by: rafaelcardero's profile rafaelcardero Owned by:
Milestone: Future Release Priority: normal
Severity: normal Version: 5.4.2
Component: Media Keywords: has-patch
Focuses: administration Cc:

Description

Summary:
WordPress v5.4.2 escapes the content of the Description field in the Edit Media screen if the filter 'user_can_richedit' returns false.

How to Replicate
1) Upload an attachment and open the Edit Media screen
2) Add a simple HTML markup to the Description field. Example: <p>Hello World!</p>
3) Save changes and check that the content of the field is not HTML escaped
4) Add the following line to the current theme

add_filter('user_can_richedit', '__return_false', 999, 0);

5) Go back to the Edit Media screen and save changes again
6) Problem: The content of the field Description is HTML escaped

Context
I administer a WordPress website since many years ago and I disabled the WYSIWIG editor setting the value of the filter 'user_can_richedit' to false. I like to enter HTML code directly. Now I am unable to use HTML code in the Description field as I did previously.

Probably other users are also facing this problem.

Change History (4)

#1 @johnbillion
4 years ago

  • Component changed from Editor to Media
  • Keywords needs-patch added
  • Milestone changed from Awaiting Review to Future Release

Thanks for the report @rafaelcardero. I've confirmed this is an issue.

Introduced in [47948] for 5.4.2.

#2 @rafaelcardero
4 years ago

Glad to help @johnbillion.

This ticket was mentioned in PR #3953 on WordPress/wordpress-develop by Mahjouba91.


21 months ago
#3

  • Keywords has-patch added; needs-patch removed

Trac ticket: 50692

#4 @Mista-Flo
21 months ago

It's inside format_to_edit function in wp-includes/formating.php, it checks rich_text value to escape or not the textarea.

I'm not 100% sure what to do without having side effects on other editor fields.

I just came up with a quick patch to start the conversation, but again, not tested in different scenario hence not sure it's a good fix.

Would like to get developer feedbacks here, not sure how it works for other editor fields

Note: See TracTickets for help on using tickets.