WordPress.org

Make WordPress Core

Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#8405 closed defect (bug) (fixed)

WordPress produces invalid comment feeds

Reported by: ossguy Owned by:
Milestone: 2.7.1 Priority: high
Severity: major Version: 2.7
Component: Feeds Keywords: has-patch
Focuses: Cc:

Description

The feed XML that WordPress produces for comments does not properly escape ampersands in the link element. For example, a link element produced by WordPress will contain "http://ossguy.com/?feed=rss2&p=153" instead of "http://ossguy.com/?feed=rss2&p=153". This causes most feed readers to fail to read the feed. To verify this, try viewing http://ossguy.com/?feed=rss2&p=153 or other comment feeds on http://ossguy.com/.

This behavior has been confirmed with SVN revision 9921 from http://svn.automattic.com/wordpress/trunk (checkout from a few minutes ago).

Attachments (4)

feed-atom-comments.php (4.4 KB) - added by schlafbaum 5 years ago.
feed-rss2-comments.php (2.9 KB) - added by schlafbaum 5 years ago.
feed.php (14.2 KB) - added by paulchenpanther 5 years ago.
clean_url-for-comment-link.diff (324 bytes) - added by nbachiyski 5 years ago.

Download all attachments as: .zip

Change History (15)

comment:2 follow-up: schlafbaum5 years ago

Solution: wrapping translation in html_entity_decode like: feed-rss2-comments.php, line 21: instead of: printf(('Comments on: %s', ENT_QUOTES, get_option('blog_charset')));

do: printf(html_entity_decode(('Comments on: %s', ENT_QUOTES,
get_option('blog_charset')), get_the_title_rss());

Translated text is used in 5 lines in both mentioned files.

comment:3 in reply to: ↑ 2 paulchenpanther5 years ago

Replying to schlafbaum:

Solution: wrapping translation in html_entity_decode like: feed-rss2-comments.php, line 21: instead of: printf(('Comments on: %s', ENT_QUOTES, get_option('blog_charset')));

I simply can't figure out how this solves ossguy's problem:

  • html_entity_decode() replaces & by &. For the problem to be solved, this has to be done the other way round, hence htmlentites() may be used.
  • The problem resides inside the link()-element. The proposed solution does not change anything inside that element.

My suggestion:

Replace

function comment_link() {
        echo get_comment_link();
}

by

function comment_link() {
        echo htmlentities(get_comment_link());
}

in wp-includes/feed.php (around line 254).

paulchenpanther5 years ago

comment:4 nbachiyski5 years ago

Please, add patches only, not new versions of the file. Also, don't forget the {{{has-patch}} keyword, which will make a committer notice the ticket sooner.

http://codex.wordpress.org/Submitting_Bugs

comment:5 nbachiyski5 years ago

  • Keywords has-patch added
  • Milestone changed from 2.8 to 2.7.1
  • Severity changed from normal to major

Using clean_url() is better than just htmlentities().

comment:6 nbachiyski5 years ago

  • Severity changed from major to normal

comment:7 nbachiyski5 years ago

  • Severity changed from normal to major

comment:8 ryan5 years ago

  • Component changed from General to Feeds
  • Owner anonymous deleted

comment:9 Otto425 years ago

  • Priority changed from normal to high

This really needs to be fixed, I'm starting to see it crop up on the support forums. For anybody using Default permalinks, this breaks all comments feeds.

The diagnosis is dead-on correct, as is the given one-line patch. Let's get it committed already.

comment:10 ryan5 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [10332]) Clean comment link. Props nbachiyski. fixes #8405 for trunk

comment:11 ryan5 years ago

(In [10333]) Clean comment link. Props nbachiyski. fixes #8405 for 2.7

Note: See TracTickets for help on using tickets.