Last active
August 24, 2016 21:32
-
-
Save tannerhodges/56a23b7d03aac72ca51db538723430ed to your computer and use it in GitHub Desktop.
Hacks (that should never be used) to unescape quotes in meta tags in WordPress
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // HACK #1: Replace escaped quotes | |
| ob_start(); | |
| wp_head(); | |
| echo str_replace(''', '’', ob_get_clean()); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php // wp-includes/formatting.php | |
| // HACK #2: Drop `ENT_QUOTES` from `esc_attr` in the WordPress core | |
| /** | |
| * Escaping for HTML attributes. | |
| * | |
| * @since 2.8.0 | |
| * | |
| * @param string $text | |
| * @return string | |
| */ | |
| function esc_attr( $text ) { | |
| $safe_text = wp_check_invalid_utf8( $text ); | |
| // BEFORE | |
| // $safe_text = _wp_specialchars( $safe_text, ENT_QUOTES ); | |
| // AFTER | |
| $safe_text = _wp_specialchars( $safe_text ); | |
| /** | |
| * Filters a string cleaned and escaped for output in an HTML attribute. | |
| * | |
| * Text passed to esc_attr() is stripped of invalid or special characters | |
| * before output. | |
| * | |
| * @since 2.0.6 | |
| * | |
| * @param string $safe_text The text after it has been escaped. | |
| * @param string $text The text prior to being escaped. | |
| */ | |
| return apply_filters( 'attribute_escape', $safe_text, $text ); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment