WordPress.org

Making WordPress.org

#5395 closed defect (duplicate)

Encode HTML tags in Make comments

Reported by: jonoaldersonwp Owned by:
Milestone: Priority: low
Component: Make (Get Involved) / P2 Keywords: seo
Cc:

Description

The comment at view-source:https://make.wordpress.org/core/2015/10/20/document-title-in-4-4/ contains a <title> tag, which incorrectly parsed as HTML. This causes SEO problems, invalidates the HTML, and causes incorrect truncation of the comment.

HTML tags used in commments should always be suitably escaped/processed.

Change History (2)

#1 @dd32
15 months ago

Just noting I've edited out the tag in question.

WordPress comments should be escaping HTML by default or at least limiting the range of HTML (It is, but seems to allow title tags), I suspect this might be a bug in o2.

#2 @dd32
15 months ago

  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #5439.

Note: See TracTickets for help on using tickets.