Changeset 7256 for trunk/bp-core/bp-core-filters.php

Timestamp:

07/09/2013 07:04:17 PM (12 years ago)

Author:

boonebgorges

Message:

Improved sanitization when outputting template_notice messages

• Strip slashes from cookie contents before attempting to display
• Use kses for sanitization of message content

Props nacin

File:

• trunk/bp-core/bp-core-filters.php (modified) (1 diff)

trunk/bp-core/bp-core-filters.php

@@ -52 +52 @@
 add_filter( 'bp_core_render_message_content', 'wpautop'           );
 add_filter( 'bp_core_render_message_content', 'shortcode_unautop' );
+add_filter( 'bp_core_render_message_content', 'wp_kses_data', 5   );
 
 /**