Context Navigation

← Previous Ticket
Next Ticket →

#9540 closed defect (bug) (fixed)

Site Name In <link rel='index'> Not Escaped

Reported by:	GamerZ	Owned by:
Milestone:	2.8	Priority:	normal
Severity:	normal	Version:
Component:	Template	Keywords:
Focuses:		Cc:

Description

In wp-includes/feed.php:

function get_index_rel_link() {
        $link = "<link rel='index' title='" . get_bloginfo('name') . "' href='" . get_bloginfo('siteurl') . "' />\n";
        return apply_filters( "index_rel_link", $link );
}

If the site contains a single quote the HTML will be invalid. Attached is the patch using attributes_escape() to escape quotes.

Attachments (1)

index_rel_link.patch (587 bytes) - added by GamerZ 17 years ago.

Download all attachments as: .zip

Change History (2)

@GamerZ
17 years ago

Attachment index_rel_link.patch added

#1 @ryan
17 years ago

Resolution set to fixed
Status changed from new to closed

(In [10936]) Escape title. Props GamerZ. fixes #9540

Note: See TracTickets for help on using tickets.

Trac UI Preferences

Download in other formats:

Make WordPress Core