Formatting component

The Formatting component primarily consists of formatting.php in wp-includes. This file contains various escaping and sanitization functions, and other functions for both security and formatting text. This includes two infamous functions with storied WordPress histories, wpautop() and wptexturize(). Formatting also includes kses.php, WordPress’s HTML security filter.

Changes to the Formatting functions generally require extensive unit testing and a consensus of lead developers.  This tends to happen with deliberation across two or more versions.  The easiest way to contribute to this component is to write bug reports or unit tests for existing code.  Remember, all security matters should be reported according to the Security FAQ and are not part of the public Formatting information.

Projects for the 4.4 milestone will focus on supporting the Shortcode API Roadmap, which is deeply entwined with almost every facet of the Formatting functions. Large changes and many bug fixes are needed, and in some ways will also be made possible by the Shortcode plans.

Subcomponents: Emoji, Shortcodes, and Charset.

170 open tickets in the Formatting component

170 open tickets defect (bug) enhancement feature request
1 0 0
4.9.5 2 0 0
5.0 2 1 0
Awaiting Review 69 27 2
Future Release 46 19 1

170 open tickets. Last 7 days: -1 ticket

35 tickets that have no replies

View list on Trac

  • #28972  enhance make_clickable so that it allows for anchor attributes to be passed via an extra array argument. template
  • #33553  Bug with Linebreak before figcaption, fixed and then revert to make a fix elsewhere javascript
  • #34039  shortcode_parse_atts() no longer parses embedded html fragments
  • #36124  Format: Aside next to an embedded video, removes player and only displays URL
  • #36397  add_query_arg doesn't work with numbered html entities
  • #36445  force_balance_tags not properly balancing custom HTML tags with dashes in them
  • #36712  Paragraph tags removed from div elements if script tag is present
  • #37077  Replacing one variable handler for another to ensure proper conditional check occurs 100%.
  • #37085  $allowedposttags doesn't allow form inputs
  • #37613  In Publish metabox content could be arranged properly with smooth animation ui
  • #37814  wpautop losing closing </pre> tags if doubled
  • #38044  Make seems_utf8() RFC 3629 compliant.
  • #38059  'wp_trim_excerpt' is not stripping oembed url's like shortcodes before applying 'the_content' filter performance
  • #38656  wpautop incorrectly handling paragraphs within block elements
  • #39153  Bug in wp_html_split with unclosed PHP tag (or HTML tag <) administration template
  • #39188  Wrapping paragraph tags around 'Read More' link stripped out of custom post type
  • #39636  Smilies not converted when directly followed by punctuation marks
  • #39674  Special characters are encoded in the database, for site settings options administration
  • #39724  Defining custom validation callbacks for tag/attribute values in wp_kses()
  • #39847  force_balance_tags not properly balancing < with <strong> and </strong> ui
  • #40045  HTML code entered using "Text" mode gets garbled
  • #40191  Multiline post content with `<` as first character becomes malformed
  • #40552  Calling wp_parse_args() early, with $args as empty string, may cause fatal error
  • #40569  next_post_link parameters $format and $link, have default values that produce awkward to use output
  • #41633  Textbox and buttons are not aligned properly ui
  • #42058  Unit test for _autop_newline_preservation_helper()
  • #42182  esc_js must escape U+2028 and U+2029
  • #42410  wpautop() breaks HTML (missing start tag p)
  • #42748  wpautop adds an extra <p>
  • #42969  Post Format Custom Field
  • #43155  Formatting bug with ampasands – WooCommerce Layered Nav
  • #43156  _walk_bookmarks(): please add the link id as HTML id attribute.
  • #43205  Allow filtering the list of characters to be replaced by wptexturize
  • #43224  Extract `$utf8_pcre` from `wp_check_invalid_utf8()` into a separate function
  • #43313  wptexturise uses the wrong curly quote after a closing link tag

3 tickets slated for 5.0

View list in Trac

  • #2691  HTML comments in posts aren't handled properly.
  • #12056  target="_blank" being stripped from Profile Bio and Category Description
  • #41450  sanitize_text_field() assumes the field is a string

170 open tickets

Open bugs: 120. View list on Trac

Help maintain this component

Component maintainers:

Many contributors help maintain one or more components. These maintainers are vital to keeping WordPress development running as smoothly as possible. They triage new tickets, look after existing ones, spearhead or mentor tasks, pitch new ideas, curate roadmaps, and provide feedback to other contributors. Longtime maintainers with a deep understanding of particular areas of core are always seeking to mentor others to impart their knowledge.

Want to help? Start following this component! Adjust your notifications here. Feel free to dig into any ticket.

Contributors following this component: