Forums

WordPress › Support » Miscellaneous

_wp_unfiltered_html_comment (5 posts)

  1. MikeCherim
    Member
    Posted 4 years ago #

    When logged in I see a hidden input as part of the comment form in the source.

    <input type="hidden" name="_wp_unfiltered_html_comment" value="sOmE-nUmBeRs-HeRe" />

    It is output by the do_action() function. Its seems that it enables me, as the author/admin and logged in (as I don't see it if I'm not), to write any HTML I wish in the comments form -- or at least that's what the name suggests. I don't see this output on my other blogs, though. But they are versions older than 2.0.10, even though they, too, have the do_action() function.

    This is normal?
    Was it part of the change from 2.0.9 to 2.0.10?

    Thanks.

  2. MikeCherim
    Member
    Posted 4 years ago #

    Anyone?

  3. jwilliams
    Member
    Posted 3 years ago #

    Mike,

    I'm seeing the same thing still on wordpress 2.5.1. Trouble is, it causes a warning to be raised against XHTML 1.0 Strict. Sort of obnoxious.

    Jameson

  4. Ivovic
    Member
    Posted 3 years ago #

    when does your HTML validator login as someone with privilege to post unfiltered comments? More importantly, when is a search engine going to do it?

  5. Lester Chan
    Member
    Posted 3 years ago #

    http://wordpress.org/support/topic/177476?replies=3

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags