Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

kses for sitemap content #34

Open
mjangda opened this issue Nov 20, 2013 · 1 comment

Comments

Projects
None yet
3 participants
@mjangda
Copy link
Member

commented Nov 20, 2013

Currently, the generated sitemap content for each day is stored in meta. We just output the meta as-is, presuming it to be safe. This isn't ideal and we should see if we can uses kses to clean the data before outputting it.

@pkevan

This comment has been minimized.

Copy link
Contributor

commented Mar 3, 2014

I think this was more of an issue when we were just adding XML to post meta, before we used SimpleXMLElement the data.

We could harden up the filters in https://github.com/Automattic/msm-sitemap/blob/master/msm-sitemap.php#L428-L439. I don't think https://github.com/Automattic/msm-sitemap/blob/master/msm-sitemap.php#L437 does anything anyway

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.