diff --git a/wp-comments-post.php b/wp-comments-post.php
index 82ab6f65e5..2e561b2681 100644
--- a/wp-comments-post.php
+++ b/wp-comments-post.php
@@ -54,7 +54,7 @@ $comment = get_comment($comment_id);
if ( !$user->ID ) :
setcookie('comment_author_' . COOKIEHASH, $comment->comment_author, time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);
setcookie('comment_author_email_' . COOKIEHASH, $comment->comment_author_email, time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);
- setcookie('comment_author_url_' . COOKIEHASH, clean_url($comment->$comment_author_url), time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);
+ setcookie('comment_author_url_' . COOKIEHASH, clean_url($comment->comment_author_url), time() + 30000000, COOKIEPATH, COOKIE_DOMAIN);
endif;
$location = ( empty( $_POST['redirect_to'] ) ) ? get_permalink( $comment_post_ID ) : $_POST['redirect_to'];
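Review bot: The redirect target on the last line of this hunk comes straight from `$_POST['redirect_to']` with no check that it points back at this blog, so a crafted comment form can send the commenter to an arbitrary external URL after posting; the corrected cookie line above does not touch this. The code after `$location` is outside the hunk, so I cannot tell whether a later check exists, but the assignment itself should only accept a same-host URL — e.g. compare the host component from `parse_url($_POST['redirect_to'])` against the blog's own host and otherwise fall back to `get_permalink( $comment_post_ID )`. The fixed line stores `clean_url()` output in a cookie that `comments_template()` later re-filters and HTML-escapes on read, which is the right place for output escaping; a short comment here, `// raw value; re-filtered and escaped when read back in comments_template()`, would make that contract explicit.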
diff --git a/wp-includes/comment-functions.php b/wp-includes/comment-functions.php
index 4a5f676685..2c6546d2af 100644
--- a/wp-includes/comment-functions.php
+++ b/wp-includes/comment-functions.php
@@ -7,9 +7,25 @@ function comments_template( $file = '/comments.php' ) {
if ( is_single() || is_page() || $withcomments ) :
$req = get_settings('require_name_email');
- $comment_author = isset($_COOKIE['comment_author_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_'.COOKIEHASH])) : '';
- $comment_author_email = isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_email_'.COOKIEHASH])) : '';
- $comment_author_url = isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ? trim(stripslashes($_COOKIE['comment_author_url_'.COOKIEHASH])) : '';
+ $comment_author = '';
+ if ( isset($_COOKIE['comment_author_'.COOKIEHASH]) ) {
+ $comment_author = apply_filters('pre_comment_author_name', $_COOKIE['comment_author_'.COOKIEHASH]);
+ $comment_author = stripslashes($comment_author);
+ $comment_author = wp_specialchars($comment_author, true);
+ }
+ $comment_author_email = '';
+ if ( isset($_COOKIE['comment_author_email_'.COOKIEHASH]) ) {
+ $comment_author_email = apply_filters('pre_comment_author_email', $_COOKIE['comment_author_email_'.COOKIEHASH]);
+ $comment_author_email = stripslashes($comment_author_email);
+ $comment_author_email = wp_specialchars($comment_author_email, true);
+ }
+ $comment_author_url = '';
+ if ( isset($_COOKIE['comment_author_url_'.COOKIEHASH]) ) {
+ $comment_author_url = apply_filters('pre_comment_author_url', $_COOKIE['comment_author_url_'.COOKIEHASH]);
+ $comment_author_url = stripslashes($comment_author_url);
+ $comment_author_url = wp_specialchars($comment_author_url, true);
+ }
+
if ( empty($comment_author) ) {
$comments = $wpdb->get_results("SELECT * FROM $wpdb->comments WHERE comment_post_ID = '$post->ID' AND comment_approved = '1' ORDER BY comment_date");
} else {
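Review bot: The rewrite drops the `trim()` that the removed lines applied to the author name and email cookies: `pre_comment_author_url` gets `trim` via default-filters.php, but the name and email chains visible there carry only `wp_filter_kses`, so surrounding whitespace in those two cookies now survives into `$comment_author` and `$comment_author_email`. If that is unintended, either add `$comment_author = trim($comment_author);` after the `stripslashes()` call (and the same for the email) or register `add_filter('pre_comment_author_name', 'trim'); add_filter('pre_comment_author_email', 'trim');` alongside the url one. Note also that `wp_specialchars($x, true)` is HTML-context output escaping applied at read time; the `else` branch that follows is outside the hunk, but if it interpolates `$comment_author` into the comments query the way the `if` branch interpolates `$post->ID`, it should still pass the value through `$wpdb->escape()` rather than rely on entity-encoded quotes for SQL safety.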
diff --git a/wp-includes/default-filters.php b/wp-includes/default-filters.php
index fcf0f3c7df..3d398c0850 100644
--- a/wp-includes/default-filters.php
+++ b/wp-includes/default-filters.php
@@ -24,10 +24,8 @@ add_filter('pre_comment_author_url', 'strip_tags');
add_filter('pre_comment_author_url', 'trim');
add_filter('pre_comment_author_url', 'clean_url');
-add_filter('pre_comment_content', 'stripslashes', 1);
add_filter('pre_comment_content', 'wp_rel_nofollow', 15);
add_filter('pre_comment_content', 'balanceTags', 30);
-add_filter('pre_comment_content', 'addslashes', 50);
add_filter('pre_comment_author_name', 'wp_filter_kses');
add_filter('pre_comment_author_email', 'wp_filter_kses');
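Review bot: With the priority-1 `stripslashes` and priority-50 `addslashes` wrappers removed, every remaining `pre_comment_content` filter now receives slash-escaped text, and only `wp_rel_nofollow` (functions-formatting.php) unescapes and re-escapes for itself; `balanceTags` at priority 30 still runs on the escaped string, so a quote escaped as `\"` inside an attribute is what it will see — worth confirming it tolerates that, or giving it the same unescape/re-escape treatment. Separately, kses.php drops `wp_filter_nohtml_kses` from `pre_comment_author_*`, `pre_comment_user_ip`, `pre_comment_user_agent` and `pre_user_id`; in this window of default-filters.php no filter is visible for the last three, and author name and email keep only `wp_filter_kses`, which admits the tags kses allows rather than stripping all HTML. If the intent is still to forbid markup in these fields, re-add `add_filter('pre_comment_author_name', 'wp_filter_nohtml_kses');` and the corresponding lines for email, IP and user agent here, so the policy lives in one place.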
diff --git a/wp-includes/functions-formatting.php b/wp-includes/functions-formatting.php
index c593bc862b..feae447a07 100644
--- a/wp-includes/functions-formatting.php
+++ b/wp-includes/functions-formatting.php
@@ -579,7 +579,11 @@ function make_clickable($ret) {
}
function wp_rel_nofollow( $text ) {
+ global $wpdb;
+ // This is a pre save filter, so text is already escaped.
+ $text = stripslashes($text);
$text = preg_replace('||i', '', $text);
+ $text = $wpdb->escape($text);
return $text;
}
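Review bot: `wp_rel_nofollow` now hard-codes a pre-save contract — it `stripslashes()` its input and returns `$wpdb->escape()`d output — but its name and signature still read as a generic formatting helper, so a caller feeding it plain text (a display filter, a theme) will lose legitimate backslashes and get a slash-escaped string back, and the only warning is the one-line comment. The re-escape also pulls `$wpdb` into functions-formatting.php, and it swaps the `addslashes` that default-filters.php used to apply at priority 50 for `$wpdb->escape()`; I assume those are equivalent for this content, but that is not visible here. I would keep the rewrite pure and move the escaping into a thin wrapper registered on `pre_comment_content`, as sketched below. Unrelated to the change: the pattern on the `preg_replace` line reads as `'||i'` in this listing, which is an empty pattern and a no-op; that looks like an artefact of how the page was captured rather than the committed code, but it is worth verifying.
```php
// Pure rewrite with no escaping assumptions; safe on display-side text too.
function wp_rel_nofollow( $text ) {
	// … unchanged: preg_replace rewrite …
	return $text;
}

// Pre-save variant for the pre_comment_content hook: input arrives slash-escaped.
function wp_rel_nofollow_pre_save( $text ) {
	global $wpdb;
	return $wpdb->escape( wp_rel_nofollow( stripslashes( $text ) ) );
}
```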
diff --git a/wp-includes/kses.php b/wp-includes/kses.php
index 3cc8bab1a8..42a27c0741 100644
--- a/wp-includes/kses.php
+++ b/wp-includes/kses.php
@@ -531,14 +531,6 @@ function kses_init_filters() {
// Post filtering
add_filter('content_save_pre', 'wp_filter_post_kses');
-
- // Strip all html.
- add_filter('pre_comment_author_name', 'wp_filter_nohtml_kses');
- add_filter('pre_comment_author_url', 'wp_filter_nohtml_kses');
- add_filter('pre_comment_author_email', 'wp_filter_nohtml_kses');
- add_filter('pre_comment_user_ip', 'wp_filter_nohtml_kses');
- add_filter('pre_comment_user_agent', 'wp_filter_nohtml_kses');
- add_filter('pre_user_id', 'wp_filter_nohtml_kses');
}
function kses_remove_filters() {
@@ -548,14 +540,6 @@ function kses_remove_filters() {
// Post filtering
remove_filter('content_save_pre', 'wp_filter_post_kses');
-
- // Strip all html.
- remove_filter('pre_comment_author_name', 'wp_filter_nohtml_kses');
- remove_filter('pre_comment_author_url', 'wp_filter_nohtml_kses');
- remove_filter('pre_comment_author_email', 'wp_filter_nohtml_kses');
- remove_filter('pre_comment_user_ip', 'wp_filter_nohtml_kses');
- remove_filter('pre_comment_user_agent', 'wp_filter_nohtml_kses');
- remove_filter('pre_user_id', 'wp_filter_nohtml_kses');
}
function kses_init() {