WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Backtick-escape three sets of HTML entities used in DocBlock descriptions in wp-includes/kses.php. 

Without the escaping, the Code Reference/browser may inadvertently attempt to convert and display entities.

Fixes #30473.

Built from https://develop.svn.wordpress.org/trunk@30720


git-svn-id: http://core.svn.wordpress.org/trunk@30710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Drew Jaynes 2014-12-03 08:47:22 +00:00
parent 31fa5cd4bc
commit 8e5543da53
2 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
wp-includes/kses.php
View File

@ -1172,8 +1172,8 @@ function wp_kses_bad_protocol_once2( $string, $allowed_protocols ) {
/** /**
* Converts and fixes HTML entities. * Converts and fixes HTML entities.
* *
* This function normalizes HTML entities. It will convert "AT&T" to the correct * This function normalizes HTML entities. It will convert `AT&T` to the correct
* "AT&T", ":" to ":", "&#XYZZY;" to "&#XYZZY;" and so on. * `AT&T", ":" to ":", "&#XYZZY;" to "&#XYZZY;` and so on.
* *
* @since 1.0.0 * @since 1.0.0
* *
@ -1218,8 +1218,8 @@ function wp_kses_named_entities($matches) {
/** /**
* Callback for wp_kses_normalize_entities() regular expression. * Callback for wp_kses_normalize_entities() regular expression.
* *
* This function helps wp_kses_normalize_entities() to only accept 16-bit values * This function helps {@see wp_kses_normalize_entities()} to only accept 16-bit
* and nothing more for &#number; entities. * values and nothing more for `&#number;` entities.
* *
* @access private * @access private
* @since 1.0.0 * @since 1.0.0
@ -1277,9 +1277,9 @@ function valid_unicode($i) {
/** /**
* Convert all entities to their character counterparts. * Convert all entities to their character counterparts.
* *
* This function decodes numeric HTML entities (A and A). It doesn't do * This function decodes numeric HTML entities (`A` and `A`).
* anything with other entities like ä, but we don't need them in the URL * It doesn't do anything with other entities like ä, but we don't
* protocol whitelisting system anyway. * need them in the URL protocol whitelisting system anyway.
* *
* @since 1.0.0 * @since 1.0.0
* *

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '4.1-beta2-30719'; $wp_version = '4.1-beta2-30720';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.