Context Navigation

Changeset 6866

Timestamp:

10/08/2018 09:14:07 PM (6 years ago)

Author:

johnjamesjacoby

Message:

General: unslash IP and user agent strings.

These are only used in ways where slashed values are undesirable.

File:

-                      r6789
+                      r6866
     // Check for remote address
     $remote_address = ! empty( $_SERVER['REMOTE_ADDR'] )
         ? $_SERVER['REMOTE_ADDR']
+        ? wp_unslash( $_SERVER['REMOTE_ADDR'] )
         : '127.0.0.1';
 …
 function bbp_current_author_ua() {
     $retval = ! empty( $_SERVER['HTTP_USER_AGENT'] )
         ? mb_substr( $_SERVER['HTTP_USER_AGENT'], 0, 254 )
+        ? mb_substr( wp_unslash( $_SERVER['HTTP_USER_AGENT'] ), 0, 254 )
         : '';

Note: See TracChangeset for help on using the changeset viewer.