Ticket #2061 (closed defect: duplicate)

Opened 3 years ago

Last modified 1 year ago

A single < in comments cause the rest of the comment to be lost

Reported by: allan Assigned to: markjaquith
Priority: normal Milestone:
Component: General Version: 1.5.2
Severity: normal Keywords: has-patch dev-feedback
Cc:

Description

If a comment contain a < which is not part of a tag, everything after (and including) that character gets lost (often users will forget to escape such character).

E.g. this: cat <file|tr ...

becomes (after the wp_filter_kses): cat

Attachments

kses_escape_literal_lower_than.patch (0.9 kB) - added by allan on 12/11/05 18:33:02.
Patch to fix the problem

Change History

12/11/05 18:33:02 changed by allan

  • attachment kses_escape_literal_lower_than.patch added.

Patch to fix the problem

02/12/06 05:39:37 changed by markjaquith

  • keywords set to bg|has-patch.
  • owner changed from anonymous to markjaquith.
  • status changed from new to assigned.

08/14/06 05:53:31 changed by error

  • keywords changed from bg|has-patch to bg|has-patch bg|dev-feedback.
  • milestone set to 2.1.

Verified present in 2.0.4.

12/01/06 11:17:11 changed by matt

  • milestone changed from 2.1 to 2.2.

03/25/07 02:21:36 changed by rob1n

I believe this is because KSES strips elements that are horribly formed (an open <, and continued text), which, technically, could be an element.

03/27/07 20:09:29 changed by foolswisdom

  • keywords changed from bg|has-patch bg|dev-feedback to has-patch dev-feedback.
  • milestone changed from 2.2 to 2.3.

07/19/07 16:09:19 changed by westi

  • status changed from assigned to closed.
  • resolution set to duplicate.

I believe this has been fixed by the changes for #4409

07/19/07 17:33:05 changed by Nazgul

  • milestone deleted.