Make WordPress Core

Opened 15 years ago

Closed 15 years ago

#8691 closed defect (bug) (fixed)

wp_widget_recent_comments not passing W3C validation (permalinks disabled only)

Reported by: danlee's profile danlee Owned by: danlee's profile danlee
Milestone: 2.8 Priority: low
Severity: normal Version: 2.7
Component: General Keywords: widget recent comment has-patch tested commit
Focuses: Cc:

Description

There is currently a small but in the recent comments widget that come's with WP 2.7, and possible as early as 2.2 when the widget was first added.

When you attempt to validate a page that has the recent comments widget enabled and permalinks disabled, you will get a w3c validation error.

This is just a sample to show you the error.

Line 117, Column 259: cannot generate system identifier for general entity "cpage".

…href="http://localhost/?p=1&cpage=1#comment-1">Hello world!</a></li>

✉

An entity reference was found in the document, but there is no reference by that name defined. Often this is caused by misspelling the reference name, unencoded ampersands, or by leaving off the trailing semicolon (;). The most common cause of this error is unencoded ampersands in URLs as described by the WDG in "Ampersands in URLs".

Entity references start with an ampersand (&) and end with a semicolon (;). If you want to use a literal ampersand in your document you must encode it as "&amp;" (even inside URLs!). Be careful to end entity references with a semicolon or your entity reference may get interpreted in connection with the following text. Also keep in mind that named entity references are case-sensitive; &Aelig; and &aelig; are different characters.

If this error appears in some markup generated by PHP's session handling code, this article has explanations and solutions to your problem.

Note that in most documents, errors related to entity references will trigger up to 5 separate messages from the Validator. Usually these will all disappear when the original problem is fixed.

The error is caused because the widget does not clean up the & to &amp;

There is an easy fix that requires only one file modification to wp-includes/widgets.php

I have attached a diff to show the fix.

Attachments (1)

patch.diff (814 bytes) - added by danlee 15 years ago.

Download all attachments as: .zip

Change History (8)

@danlee
15 years ago

#1 @danlee
15 years ago

  • Keywords has-patch tested added

#2 in reply to: ↑ description @danlee
15 years ago

I have tested this patch on a live server and a test server w/ permalinks enabled and disabled.

Tested on WP version 2.7

#3 @Viper007Bond
15 years ago

  • Keywords commit added

Looks good to me.

#4 @ryan
15 years ago

clean_url() should escape ampersands. I think that's what we usually use.

#5 @azaozz
15 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [10307]) Clean URL in recent comments widget, props danlee, fixes #8691 for 2.7

#6 @azaozz
15 years ago

  • Milestone changed from 2.7.1 to 2.8
  • Resolution fixed deleted
  • Status changed from closed to reopened

Reopen for trunk

#7 @azaozz
15 years ago

  • Resolution set to fixed
  • Status changed from reopened to closed

(In [10308]) Clean URL in recent comments widget, props danlee, fixes #8691 for trunk

Note: See TracTickets for help on using tickets.