WordPress produces invalid comment feeds

[ossguy]

The feed XML that WordPress produces for comments does not properly escape ampersands in the link element. For example, a link element produced by WordPress will contain "​http://ossguy.com/?feed=rss2&p=153" instead of "​http://ossguy.com/?feed=rss2&p=153". This causes most feed readers to fail to read the feed. To verify this, try viewing ​http://ossguy.com/?feed=rss2&p=153 or other comment feeds on ​http://ossguy.com/.

This behavior has been confirmed with SVN revision 9921 from ​http://svn.automattic.com/wordpress/trunk (checkout from a few minutes ago).

[ossguy]

The example URLs in the comment should read "​http://ossguy.com/?p=153&cpage=1#comment-1839" and "​http://ossguy.com/?p=153&cpage=1#comment-1839", respectively.

[schlafbaum]

Solution: wrapping translation in html_entity_decode like: feed-rss2-comments.php, line 21: instead of: printf(('Comments on: %s', ENT_QUOTES, get_option('blog_charset')));

do: printf(html_entity_decode(('Comments on: %s', ENT_QUOTES,
get_option('blog_charset')), get_the_title_rss());

Translated text is used in 5 lines in both mentioned files.

[paulchenpanther]

Replying to schlafbaum:

Solution: wrapping translation in html_entity_decode like: feed-rss2-comments.php, line 21: instead of: printf(('Comments on: %s', ENT_QUOTES, get_option('blog_charset')));

I simply can't figure out how this solves ossguy's problem:

• html_entity_decode() replaces & by &. For the problem to be solved, this has to be done the other way round, hence htmlentites() may be used.

• The problem resides inside the link()-element. The proposed solution does not change anything inside that element.

My suggestion:

Replace

function comment_link() {
        echo get_comment_link();
}

by

function comment_link() {
        echo htmlentities(get_comment_link());
}

in wp-includes/feed.php (around line 254).

[nbachiyski]

Please, add patches only, not new versions of the file. Also, don't forget the {{{has-patch}} keyword, which will make a committer notice the ticket sooner.

​http://codex.wordpress.org/Submitting_Bugs

[nbachiyski]

Using clean_url() is better than just htmlentities().

[Otto42]

This really needs to be fixed, I'm starting to see it crop up on the support forums. For anybody using Default permalinks, this breaks all comments feeds.

The diagnosis is dead-on correct, as is the given one-line patch. Let's get it committed already.

[ryan]

(In [10332]) Clean comment link. Props nbachiyski. fixes #8405 for trunk

[ryan]

(In [10333]) Clean comment link. Props nbachiyski. fixes #8405 for 2.7