25 February 2005

WordPress 1.5 Ampersand Escaping Bug

Posted under: at 12:34

I found an irritating bug in WordPress 1.5: ampersands in blogroll URLs don’t get properly escaped. Thus, blogrolls that contains URL with ampersand in it don’t validate.

Quick fix: modify wp-includes/links.php around line 206 like this (add the line with + in front of it)

    if ('' != $target) {
        $target = " target='$target'";
    + $the_link = htmlspecialchars($the_link);
    echo("<a href='$the_link'");

15 Responses

Trackback: Use this URI to trackback this entry. Use your web browser's function to copy it to your blog posting.

Comment RSS: You can track conversation in this page by using this page's Comments RSS (XML)

Gravatar: You can have a picture next to each of your comments by getting a Gravatar.

Leave a Comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Warning: Comments carrying links to questionable sites will be removed!