Making WordPress.org

Opened 4 years ago

Closed 4 years ago

#5395 closed defect (bug) (duplicate)

Encode HTML tags in Make comments

Reported by: jonoaldersonwp's profile jonoaldersonwp Owned by:
Milestone: Priority: low
Component: Make (Get Involved) / P2 Keywords: seo
Cc:

Description

The comment at view-source:https://make.wordpress.org/core/2015/10/20/document-title-in-4-4/ contains a <title> tag, which incorrectly parsed as HTML. This causes SEO problems, invalidates the HTML, and causes incorrect truncation of the comment.

HTML tags used in commments should always be suitably escaped/processed.

Change History (2)

#1 @dd32
4 years ago

Just noting I've edited out the tag in question.

WordPress comments should be escaping HTML by default or at least limiting the range of HTML (It is, but seems to allow title tags), I suspect this might be a bug in o2.

#2 @dd32
4 years ago

  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #5439.

Note: See TracTickets for help on using tickets.