Opened 5 weeks ago
Last modified 5 weeks ago
#62024 new defect (bug)
wp_kses_post incorrectly escapes "<" attributes values
Reported by: | jernstjernst | Owned by: | |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | trunk |
Component: | Formatting | Keywords: | |
Focuses: | coding-standards | Cc: |
Description
Hello,
We are trying to use wp_kses everywhere we output as recommended. However, we encountered the following issue:
Example:
<?php echo wp_kses_post('<button data-glide-dir="<"><</button>") ?>
Expected result:
<button data-glide-dir="<"><</button>
Actual result:
<button data-glide-dir="<</button>
This breaks glide.js unless we use this workaround (https://github.com/glidejs/glide/issues/547)
I think this should be allowed as per https://html.spec.whatwg.org/multipage/syntax.html#syntax-attributes
Thanks and best regards
Note: See
TracTickets for help on using
tickets.
Sorry, the test case should read: