Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
07/09/2013 07:04:17 PM (11 years ago)
Author:
boonebgorges
Message:

Improved sanitization when outputting template_notice messages

  • Strip slashes from cookie contents before attempting to display
  • Use kses for sanitization of message content

Props nacin

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/bp-core/bp-core-filters.php

    r7228 r7256  
    5252add_filter( 'bp_core_render_message_content', 'wpautop'           );
    5353add_filter( 'bp_core_render_message_content', 'shortcode_unautop' );
     54add_filter( 'bp_core_render_message_content', 'wp_kses_data', 5   );
    5455
    5556/**
Note: See TracChangeset for help on using the changeset viewer.