From b206327acb4aee307a077b7ac0e52de5d438d014 Mon Sep 17 00:00:00 2001
From: Weston Ruter
Date: Mon, 22 Feb 2016 00:14:25 +0000
Subject: [PATCH] Customize: Fix previewing and updating of nav menu items containing slashed/slashable characters.
Prevents slashes from being added when a user without `unfiltered_html` previews a nav menu item containing an apostrophe or some other slashable character, and prevents the loss of an intentional slash (e.g. "\o/") when saving a nav menu item, regardless of capability.
Fixes #35869.
Built from https://develop.svn.wordpress.org/trunk@36608
git-svn-id: http://core.svn.wordpress.org/trunk@36575 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 .../class-wp-customize-nav-menu-item-setting.php | 8 ++++----
 wp-includes/nav-menu.php | 3 +++
 wp-includes/version.php | 2 +-
 3 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/wp-includes/customize/class-wp-customize-nav-menu-item-setting.php b/wp-includes/customize/class-wp-customize-nav-menu-item-setting.php
index b89b56cbc0..5317c94c9a 100644
--- a/wp-includes/customize/class-wp-customize-nav-menu-item-setting.php
+++ b/wp-includes/customize/class-wp-customize-nav-menu-item-setting.php
@@ -639,9 +639,9 @@ class WP_Customize_Nav_Menu_Item_Setting extends WP_Customize_Setting {
 $menu_item_value['original_title'] = sanitize_text_field( $menu_item_value['original_title'] );
 // Apply the same filters as when calling wp_insert_post().
- $menu_item_value['title'] = apply_filters( 'title_save_pre', $menu_item_value['title'] );
- $menu_item_value['attr_title'] = apply_filters( 'excerpt_save_pre', $menu_item_value['attr_title'] );
- $menu_item_value['description'] = apply_filters( 'content_save_pre', $menu_item_value['description'] );
+ $menu_item_value['title'] = wp_unslash( apply_filters( 'title_save_pre', wp_slash( $menu_item_value['title'] ) ) );
+ $menu_item_value['attr_title'] = wp_unslash( apply_filters( 'excerpt_save_pre', wp_slash( $menu_item_value['attr_title'] ) ) );
+ $menu_item_value['description'] = wp_unslash( apply_filters( 'content_save_pre', wp_slash( $menu_item_value['description'] ) ) );
 $menu_item_value['url'] = esc_url_raw( $menu_item_value['url'] );
 if ( 'publish' !== $menu_item_value['status'] ) {
@@ -776,7 +776,7 @@ class WP_Customize_Nav_Menu_Item_Setting extends WP_Customize_Setting {
 $r = wp_update_nav_menu_item(
 $value['nav_menu_term_id'],
 $is_placeholder ? 0 : $this->post_id,
- $menu_item_data
+ wp_slash( $menu_item_data )
 );
 if ( is_wp_error( $r ) ) {
diff --git a/wp-includes/nav-menu.php b/wp-includes/nav-menu.php
index 9ab678653d..3b878f762b 100644
--- a/wp-includes/nav-menu.php
+++ b/wp-includes/nav-menu.php
@@ -344,6 +344,9 @@ function wp_update_nav_menu_object( $menu_id = 0, $menu_data = array() ) {
 /**
 * Save the properties of a menu item or create a new one.
 *
+ * The menu-item-title, menu-item-description, and menu-item-attr-title are expected
+ * to be pre-slashed since they are passed directly into wp_insert_post().
+ *
 * @since 3.0.0
 *
 * @param int $menu_id The ID of the menu. Required. If "0", makes the menu item a draft orphan.
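Review bot: The three rewritten assignments for `title`, `attr_title` and `description` in the `@@ -639` hunk now wrap each `*_save_pre` filter in `wp_slash()`/`wp_unslash()`, but the comment above them still only says the filters match wp_insert_post() and gives no reason for the round trip. Judging from the commit message, the callbacks on these hooks are the sanitisation step for users without `unfiltered_html` and operate on slashed input, so a later cleanup that removes the wrappers would bring back the stray or lost backslashes. I would extend the comment to something like `// The *_save_pre callbacks expect slashed data, as wp_insert_post() supplies; slash first, then unslash the filtered result.` The enclosing method starts and ends outside the hunk.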
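Review bot: In the `@@ -776` hunk `wp_slash( $menu_item_data )` slashes every entry of the array, while the docblock this commit adds in wp-includes/nav-menu.php (apparently for the same `wp_update_nav_menu_item()` being called) names only menu-item-title, menu-item-description and menu-item-attr-title as expected to be pre-slashed. How the remaining keys are consumed is not visible in this patch, so the contract should be made explicit one way or the other: if the whole array is meant to arrive slashed, the docblock could read `* All values in the menu item data array are expected to be pre-slashed.`, otherwise the caller should slash only the three documented keys. If the array also carries non-string entries (not shown here), it is worth confirming they come out of `wp_slash()` in the type the callee expects. The enclosing method starts and ends outside the hunk.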
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 02613898bb..53c2dbf69a 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -4,7 +4,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '4.5-alpha-36607';
+$wp_version = '4.5-alpha-36608';
 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.