Changeset 2452 for sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-developer/inc/formatting.php

Timestamp:

02/03/2016 09:44:26 PM (8 years ago)

Author:

coffee2code

Message:

developer.wordpress.org: Prevent double-encoding of HTML entities in parameter descriptions.

File:

• sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-developer/inc/formatting.php (modified) (1 diff)

sites/trunk/wordpress.org/public_html/wp-content/themes/pub/wporg-developer/inc/formatting.php

@@ -220 +220 @@
      */
     public static function format_param_description( $text ) {
-        // Encode all htmlentities.
-        $text = htmlentities( $text );
+        // Encode all htmlentities (but don't double-encode).
+        $text = htmlentities( $text, ENT_COMPAT | ENT_HTML401, 'UTF-8', false );
 
         // Simple allowable tags that should get unencoded.