Ticket #3095 (closed defect: fixed)

Opened 2 years ago

Last modified 1 year ago

Can't escape characters for date format in Options > General

Reported by: pandem Assigned to: mdawaffe
Priority: low Milestone: 2.3
Component: Administration Version: 2.1
Severity: minor Keywords:
Cc:

Description

Backslashes are stripped; adding a second backslash to escape the first one only makes it visible.

Attachments

3095.diff (2.5 kB) - added by mdawaffe on 10/04/06 09:29:47.
3095b.diff (2.6 kB) - added by mdawaffe on 10/04/06 09:49:07.
default

Change History

10/04/06 09:29:47 changed by mdawaffe

  • attachment 3095.diff added.

10/04/06 09:35:11 changed by mdawaffe

  • owner changed from anonymous to mdawaffe.
  • status changed from new to assigned.
  • milestone set to 2.1.

wp_kses_filters() stripslashes then addslashes, so we shouldn't stripslash stuff before it goes in.

3095.diff for trunk:

  1. Moves stripslashes() to sanitize_option() cases that need them.
  2. strip_tags() seems to do its job even without having first stripslashed. Can someone confirm for the sake of security?

I did not create a patch for 2.0.5. I can if this is deemed secure.

10/04/06 09:49:07 changed by mdawaffe

  • attachment 3095b.diff added.

default

10/04/06 11:04:16 changed by markjaquith

[4329]

mdawaffe and I tried to break this, but couldn't.

Would appreciate special attention here, as this sort of thing has security implications if not done right. Will leave the ticket open and refrain from porting this to /branches/2.0/ until we're sure it's secure.

10/04/06 11:29:07 changed by mdawaffe

It should be fine. I think strip_tags() is in there only for efficiency. Even if someone can get around strip_tags() via some crazy slashing (which I don't *think* is possible), kses should get them.

But I'm with markjaquith: more eyes.

11/29/06 21:16:02 changed by matt

  • milestone changed from 2.1 to 2.2.

04/12/07 04:47:18 changed by rob1n

  • milestone changed from 2.2 to 2.3.

08/14/07 16:16:56 changed by Nazgul

  • status changed from assigned to closed.
  • resolution set to fixed.

I think this has been in trunk long enough to mark it as fixed.