Make WordPress Core

Opened 17 years ago

Closed 15 years ago

#5663 closed defect (bug) (duplicate)

URL sanitization is too restrictive

Reported by: nbachiyski's profile nbachiyski Owned by: ryan's profile ryan
Milestone: Priority: low
Severity: minor Version:
Component: Permalinks Keywords: needs-patch early
Focuses: Cc:

Description

Url sanitization is too strict, it allows only character from the following class: [^a-z0-9-~+_.?#=!&;,/:%@]

A URL can contain every possible character, so we shouldn't strip them, but just escape accordingly.

Change History (3)

#1 @Denis-de-Bernardy
15 years ago

  • Keywords needs-patch early added

See also: #9591

#2 @Denis-de-Bernardy
15 years ago

  • Component changed from General to Permalinks
  • Owner changed from anonymous to ryan
  • Priority changed from normal to low
  • Severity changed from normal to minor

#3 @ryan
15 years ago

  • Milestone 2.9 deleted
  • Resolution set to duplicate
  • Status changed from new to closed

We've opened to many more characters since this ticket was opened. Closing as a dupe.

Note: See TracTickets for help on using tickets.