Make WordPress Core

Opened 8 years ago

Closed 8 years ago

#5796 closed defect (bug) (fixed)

Viewing a post in HTML editing mode results in entity encoded html being non-encoded

Reported by: DD32
Owned by:
Milestone: 2.5
Priority: normal
Severity: normal
Version: 2.5
Component: TinyMCE
Keywords: has-patch tested
Focuses:
Cc:


Steps to reproduce:

  1. Create a new post in the Visual Editor, enter some text, and include some HTML in the Visual view (that you expect to be visible in the blog post as entity-encoded).
  2. Switch to HTML view; notice that the HTML is entity-encoded as expected.
  3. Save the post. (You can replace the above steps with editing a previous post with HTML in it too, as long as WordPress will default to opening in the HTML mode.)
  4. WordPress remembers that you prefer the HTML mode, and loads up in that mode. Notice the HTML is no longer encoded.
  5. Switch back to the Visual editor; notice that now the previously entity-encoded HTML is being treated as inline HTML, i.e. <a href="">link</a> shown in the visual editor will now appear as a link.
  6. Saving the post now will result in the HTML being posted as HTML, rather than entity-encoded HTML.

In both cases WordPress prints the code the same (mind you, HTML mode doesn't have the <p> tags):

<textarea class='' rows='25' cols='40' name='content' tabindex='2' id='content'><p>This is an example of HTML</p>
<p>&amp;lt;a href="Testty"&amp;gt;Test Link&amp;lt;/a&amp;gt;</p>

Attachments (2)

5796.diff (685 bytes) - added by DD32 8 years ago.
escape.diff (1.0 KB) - added by andy 8 years ago.


Change History (8)

comment:1 @ffemtcj 8 years ago

  • Cc ffemtcj added

@DD32 8 years ago

comment:2 @DD32 8 years ago

  • Keywords has-patch needs-testing added; needs-patch removed

Not sure if htmlspecialchars() or htmlentities() should be used.

This function [htmlentities()] is identical to htmlspecialchars() in all ways, except with htmlentities(), all characters which have HTML character entity equivalents are translated into these entities. - http://au2.php.net/manual/en/function.htmlentities.php

comment:3 @ffemtcj 8 years ago

  • Keywords tested added; needs-testing removed

Works fine

comment:4 @lloydbudd 8 years ago

  • Milestone changed from 2.6 to 2.5

@andy 8 years ago

comment:5 @andy 8 years ago

Added a patch that does basically the same thing, plus ENT_NOQUOTES and a filter.

comment:6 @ryan 8 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [6767]) htmlspecialchars when loading content into html editor. Props DD32 and andy. fixes #5796
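
The round trip this ticket describes, as an added example that is not part of the ticket, the attached patches or WordPress core: it compares writing stored content straight into the textarea with escaping it first via htmlspecialchars() and ENT_NOQUOTES, the approach named in comment:5. The function names, the sample content and the simplified stand-in for the browser's textarea decoding are assumptions made for illustration.

```php
<?php
// Added example; all function names here are hypothetical, not WordPress code.

// Constructed sample: stored post content in which the author wants the link
// markup displayed literally to readers, so it is kept entity-encoded.
$stored = "<p>This is an example of HTML</p>\n"
        . "<p>&lt;a href=\"Testty\"&gt;Test Link&lt;/a&gt;</p>";

// Behaviour reported in the ticket: content goes into the textarea unescaped.
function textarea_raw(string $content): string {
    return "<textarea name='content' id='content'>" . $content . "</textarea>";
}

// Escaped variant: encode once more for the HTML context of the textarea.
// ENT_NOQUOTES leaves single and double quotes untouched.
function textarea_escaped(string $content): string {
    return "<textarea name='content' id='content'>"
         . htmlspecialchars($content, ENT_NOQUOTES, 'UTF-8')
         . "</textarea>";
}

// Simplified stand-in for the browser: the value of a textarea is its inner
// text with exactly one level of character references decoded.
function browser_textarea_value(string $html): string {
    if (!preg_match('~<textarea[^>]*>(.*)</textarea>~s', $html, $m)) {
        throw new InvalidArgumentException('no textarea found');
    }
    return html_entity_decode($m[1], ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// What the editor would submit back on save in each case.
$raw_value     = browser_textarea_value(textarea_raw($stored));
$escaped_value = browser_textarea_value(textarea_escaped($stored));

echo "Unescaped textarea, value seen by the editor:\n", $raw_value, "\n\n";
echo "Escaped textarea, value seen by the editor:\n", $escaped_value, "\n\n";
echo "Unescaped round trip preserves stored content: ";
var_dump($raw_value === $stored);
echo "Escaped round trip preserves stored content: ";
var_dump($escaped_value === $stored);
```

In the unescaped case one level of encoding is lost on every load, so markup meant to be displayed as text comes back as live markup on the next save.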
