Support » Requests and Feedback » Stop converting `]]>`s to `]]& gt;`s

  • I have to separate & and gt to prevent from being converted.

    I write polygot (X)HTML. Therefore, there are many necessary CDATAs in scripts. However, WordPress converts ]]>s into ]]& gt;s, and this is unstoppable because it is not a filter.

    See wp-includes/post-template.php:167

    We may disagree on that which should be the default behavior, but why not make it a filter? If it were a filter,

    1. I can remove it or use another filter to make it up.
    2. This makes code more maintainable.

    Nevertheless, it is hard-coded and runs after all filters. The only solution is to modify wp-includes/post-template.php, and I have to remember this after each update.

    This issue has been here for over 3 years, but it is easy to fix.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Moderator Ipstenu (Mika Epstein)


    🏳️‍🌈 Plugin Review Team Rep

    Are you trying to insert this code into the content of a post/page?

    Yes. I know is some cases, users put ]]> but does not mean that, like

    <pre><code><![CDATA[ ]]></code></pre>

    However, in

    <script><![CDATA[ ]]></script>

    ]]> is correct.

    I code it directly, but if a plugin use a filter, things do not change because the conversion runs after filters.

    Yep – this is a really annoying bug!

    @wordpress developers: If it is neccessary to do this replacement (when? why?) do this using a filter, so one can at least disable the filter when neccessary!

    Moderator Ipstenu (Mika Epstein)


    🏳️‍🌈 Plugin Review Team Rep

    Well… You’re not supposed to be putting in that kind of code in post content. You’re supposed to put text. If you need to insert scripts, you should use shortcodes.

    The problem is – even the generated code of shortcodes gets manipulated this way!


    I use the “insert php” plugin to embed a PHP script which generates a chart using RGraph which is a JavaScript library (see

    I also extended the “insert php” plugin to output “raw” html without wp_texturize() etc. so the output of the embedded PHP script will be used WITHOUT any modification – since I KNOW how to generate valid HTML and JavaScript:

    This chart shows the number of visits of the webserver. The data points show the exact value as tooltip when you touch them using the mouse.
    The chart was created using <a href="">RGraph</a>. The data will be updated daily, based on the reports of <a href="">AWStats</a> on this server.

    Everything seemed to be fine – until I realized, that the_content() still replaces “]]>” with “]]” followed by an “amp”-entity which makes the CDATA block invalid – even though I removed ANY filter for the output (“& gt;” is of course without the space in the code – but that’s the only way to cite the code here without getting the entity being replaced by “>” in this post):

    function the_content( $more_link_text = null, $strip_teaser = false) {
    	$content = get_the_content( $more_link_text, $strip_teaser );
    	$content = apply_filters( 'the_content', $content );
    	$content = str_replace( ']]>', ']]& gt;', $content );
    	echo $content;

    That’s the point – and not just adding CDATA blocks manually in posts or pages.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Stop converting `]]>`s to `]]& gt;`s’ is closed to new replies.