Opened 6 years ago

Closed 6 years ago

#6888 closed defect (bug) (fixed)

Colon in title attribute causes truncation

Reported by: tellyworth
Owned by:
Milestone: 2.7
Priority: normal
Severity: normal
Version:
Component: General
Keywords:
Focuses:
Cc:

Description

Example here:

http://bpr3.org/?p=87

Reproduced in a unit test here, class WPTestAttributeFiltering:

http://svn.automattic.com/wordpress-tests/wp-testcase/test_post_output.php

Test results:

1) test_the_content(WPTestAttributeFiltering)
Failed asserting that two strings are equal.
expected string <<p><span class="Z3988" title="ctx_ver=Z39.88-2004&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.aulast=Mariat&rft.aufirst=Denis&rft. au=Denis+Mariat&rft.au=Sead+Taourit&rft.au=G%C3%A9rard+Gu%C3%A9rin& rft.title=Genetics+Selection+Evolution&rft.atitle=&rft.date=2003&rft. volume=35&rft.issue=1&rft.spage=119&rft.epage=133&rft.genre=article& rft.id=info:DOI/10.1051%2Fgse%3A2002039"></span>Mariat, D., Taourit, S., Guérin, G. (2003). . <span style="font-style: italic;">Genetics Selection Evolution, 35</span>(1), 119-133. DOI: <a rev="review" href= "http://dx.doi.org/10.1051/gse:2002039">10.1051/gse:2002039</a></p>>
difference      <                              xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????>
got string      <<p><span class="Z3988" title="DOI/10.1051%2Fgse%3A2002039"></span>Mariat, D., Taourit, S., Guérin, G. (2003). . <span style="italic;">Genetics Selection Evolution, 35</span>(1), 119-133. DOI: <a rev="review" href="http://dx.doi.org/10.1051/gse:2002039">10.1051/gse:2002039</a></p>>

The results match those shown in the blog post. Presumably a kses issue.

Change History (4)

comment:1 tellyworth 6 years ago

  • Summary changed from A complex 'title' attribute can be truncated to Colon in title attribute causes truncation

Actually it can be trivially reproduced by any title attribute containing a colon. Any text before the colon is stripped, most likely by the bad_protocol functions in kses.

1) test_the_content(WPTestAttributeColon)
Failed asserting that two strings are equal.
expected string <<p><span title="My friends: Alice, Bob and Carol">foo</span></p>>
difference      <                xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx????????????>
got string      <<p><span title="Alice, Bob and Carol">foo</span></p>>

See WPTestAttributeColon in the same wp-testcase file.

Possible fixes: either the bad protocol filters shouldn't be applied to Title (if that's safe); or they should be made more specific so they only filter sequences that actually look like URL protocols (allowing of course for % and entity encoding).

comment:3 ryan 6 years ago

  • Milestone changed from 2.9 to 2.7

comment:4 ryan 6 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [8671]) Apply kses bad-protocol checks only to URI typed attributes. Props takayukister. fixes #5917 #6888 #6910 #7512
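
The scoping named in [8671], as an added example that is not WordPress's kses code: a simplified PHP model in which the protocol check runs either on every attribute (reproducing the truncation from comment:1) or only on URI-typed ones. The function names, the protocol allow-list and the attribute list are assumptions made for the illustration.

```php
<?php
// Added illustration, not WordPress's kses code; every name is hypothetical.
const ALLOWED_PROTOCOLS = ['http', 'https', 'mailto'];  // assumed allow-list
const URI_ATTRIBUTES    = ['href', 'src', 'cite'];      // assumed URI-typed attributes

// Treat everything before the first colon as a protocol and drop it
// (with the colon) unless it is on the allow-list.
function strip_bad_protocol(string $value): string
{
    $pos = strpos($value, ':');
    if ($pos === false) {
        return $value;                       // no colon, nothing to check
    }
    $scheme = strtolower(trim(substr($value, 0, $pos)));
    if (in_array($scheme, ALLOWED_PROTOCOLS, true)) {
        return $value;                       // allowed protocol, keep as is
    }
    return ltrim(substr($value, $pos + 1));  // drop "scheme:" and keep the rest
}

// $uriOnly = false: check every attribute (the behaviour reported in this ticket).
// $uriOnly = true:  check only URI-typed attributes (the approach named in [8671]).
function filter_attributes(array $attrs, bool $uriOnly): array
{
    $out = [];
    foreach ($attrs as $name => $value) {
        $isUri = in_array(strtolower($name), URI_ATTRIBUTES, true);
        $out[$name] = (!$uriOnly || $isUri) ? strip_bad_protocol($value) : $value;
    }
    return $out;
}

// Constructed sample input: the title from comment:1 plus two links.
$samples = [
    ['title' => 'My friends: Alice, Bob and Carol'],
    ['href'  => 'http://dx.doi.org/10.1051/gse:2002039'],
    ['href'  => 'javascript:void(0)'],
];

foreach ($samples as $attrs) {
    foreach ([false, true] as $uriOnly) {
        $result = filter_attributes($attrs, $uriOnly);
        printf("%-8s %s\n", $uriOnly ? 'uri-only' : 'all',
            json_encode($result, JSON_UNESCAPED_SLASHES));
    }
}
```

With the check scoped to URI-typed attributes the title keeps its full text, while the `href` values are filtered the same way in both modes.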
