From 1d1581b660962cdf4536d1668f4c6ce76276a89a Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Sun, 21 Nov 2021 17:17:02 +0000 Subject: [PATCH] KSES: Use correct global in `wp_kses_xml_named_entities()`. This fixes a discrepancy where the the global name used in the function did not match the one declared at the beginning of `kses.php`, and ensures that the function gets the correct array of allowed XML entity names. Includes unit tests. Follow-up to [48072]. Props ovidiul, costdev, peterwilsoncc, SergeyBiryukov. Fixes #54060. Built from https://develop.svn.wordpress.org/trunk@52229 git-svn-id: http://core.svn.wordpress.org/trunk@51821 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/kses.php | 10 +++++----- wp-includes/version.php | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/wp-includes/kses.php b/wp-includes/kses.php index 2ee8aee5a0..b77d501333 100644 --- a/wp-includes/kses.php +++ b/wp-includes/kses.php @@ -459,7 +459,7 @@ if ( ! CUSTOM_TAGS ) { ); /** - * @var string[] $allowedentitynames Array of KSES allowed HTML entitity names. + * @var string[] $allowedentitynames Array of KSES allowed HTML entity names. * @since 1.0.0 */ $allowedentitynames = array( @@ -719,10 +719,10 @@ if ( ! CUSTOM_TAGS ) { ); /** - * @var string[] $allowedxmlentitynames Array of KSES allowed XML entitity names. + * @var string[] $allowedxmlentitynames Array of KSES allowed XML entity names. * @since 5.5.0 */ - $allowedxmlnamedentities = array( + $allowedxmlentitynames = array( 'amp', 'lt', 'gt', @@ -1906,7 +1906,7 @@ function wp_kses_named_entities( $matches ) { * @return string Correctly encoded entity. */ function wp_kses_xml_named_entities( $matches ) { - global $allowedentitynames, $allowedxmlnamedentities; + global $allowedentitynames, $allowedxmlentitynames; if ( empty( $matches[1] ) ) { return ''; @@ -1914,7 +1914,7 @@ function wp_kses_xml_named_entities( $matches ) { $i = $matches[1]; - if ( in_array( $i, $allowedxmlnamedentities, true ) ) { + if ( in_array( $i, $allowedxmlentitynames, true ) ) { return "&$i;"; } elseif ( in_array( $i, $allowedentitynames, true ) ) { return html_entity_decode( "&$i;", ENT_HTML5 ); diff --git a/wp-includes/version.php b/wp-includes/version.php index af385ba585..c5812430b0 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -16,7 +16,7 @@ * * @global string $wp_version */ -$wp_version = '5.9-alpha-52228'; +$wp_version = '5.9-alpha-52229'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.