From 20c5d823bc9c3483faac35e919815480f6a09d3d Mon Sep 17 00:00:00 2001
From: nacin
Date: Tue, 8 Feb 2011 20:17:09 +0000
Subject: [PATCH] Use wp_kses_post instead of wp_kses_data for a better balance between security and flexibility. fixes #16489 for trunk.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/default-filters.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/wp-includes/default-filters.php b/wp-includes/default-filters.php
index af056a9e6..dc85c7ad6 100644
--- a/wp-includes/default-filters.php
+++ b/wp-includes/default-filters.php
@@ -36,9 +36,10 @@ foreach ( array( 'pre_term_description', 'pre_link_description', 'pre_link_notes
 // Kses only for textarea admin displays
 if ( is_admin() ) {
- foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description', 'comment_text' ) as $filter ) {
+ foreach ( array( 'term_description', 'link_description', 'link_notes', 'user_description' ) as $filter ) {
 add_filter( $filter, 'wp_kses_data' );
 }
+ add_filter( 'comment_text', 'wp_kses_post' );
 }
 // Email saves
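Review bot: The added `add_filter( 'comment_text', 'wp_kses_post' );` widens the markup that comment bodies may render with inside `is_admin()` screens, and nothing in the hunk records why this one field gets the post allow-list while the four fields left in the loop keep `wp_kses_data`. Comment bodies are commonly visitor-supplied and this is the display path that privileged users see, so the reasoning deserves a line above the call, for example `// comment_text: post-level allow-list so legitimate formatting survives; script tags and event-handler attributes are still stripped.` Whether comment content is also restricted when it is saved is not visible in this hunk and is worth confirming, because if it is not, this call is the only filter between a visitor's markup and the admin page. The `// Kses only for textarea admin displays` heading could be reworded as well, since the block now applies two different filters.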