Comments: Improve comment content filtering.

Built from https://develop.svn.wordpress.org/trunk@44842 git-svn-id: http://core.svn.wordpress.org/trunk@44674 1a063a9b-81f0-0310-95a4-ce76da25c4cd
WordPress · Mar 12, 2019 · 0292de6 · 0292de6
1 parent 2504efc
commit 0292de6
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 1 deletion.
diff --git a/wp-admin/includes/ajax-actions.php b/wp-admin/includes/ajax-actions.php
@@ -1214,6 +1214,8 @@ function wp_ajax_replyto_comment( $action ) {
 			if ( wp_create_nonce( 'unfiltered-html-comment' ) != $_POST['_wp_unfiltered_html_comment'] ) {
 				kses_remove_filters(); // start with a clean slate
 				kses_init_filters(); // set up the filters
+				remove_filter( 'pre_comment_content', 'wp_filter_post_kses' );
+				add_filter( 'pre_comment_content', 'wp_filter_kses' );
 			}
 		}
 	} else {

diff --git a/wp-includes/comment.php b/wp-includes/comment.php
@@ -3243,6 +3243,8 @@ function wp_handle_comment_submission( $comment_data ) {
 			) {
 				kses_remove_filters(); // start with a clean slate
 				kses_init_filters(); // set up the filters
+				remove_filter( 'pre_comment_content', 'wp_filter_post_kses' );
+				add_filter( 'pre_comment_content', 'wp_filter_kses' );
 			}
 		}
 	} else {

diff --git a/wp-includes/version.php b/wp-includes/version.php
@@ -13,7 +13,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '5.2-alpha-44833';
+$wp_version = '5.2-alpha-44842';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.