WordPress logo and Horse Emoji as a graphic

Are you vulnerable from attack? Neigh…

Emoji in WordPress = 🐴🚨🚫👍

I wanted to post quickly about what Brian Krogsgard coined The Trojan Emoji.

This seemed to many as frivolous, unimportant and most useless feature ever. (These comments were three months old at the time of this posting May 10, 2015)

What a lot of people didn’t realize even at that time was that the 4-byte unicode characters in WordPress that makes those fun emoji’s happened also allows for Chinese, Japanese and Korean characters is important to making WordPress more global.

I had even played around with the development plugin Gary Pendergast was creating to solve this problem it was affectionately called x1f4a9 or 💩, I though this is cool, can I make this work on my local installation running trunk and oh my that Gary Pendergast is one funny dude.

Little did I know… Little did we all know…

Except for a couple people on the WordPress security team. No one really knew how important enabling emoji support were going to be to fixing the security with in WordPress until Andrew Nacin spoke at the recent Loop Conf.

I wasn’t able to attend Loop Conf in person but they had an amazing live stream which was  completely free (major props organizers) and Nacin walks us through the Anatomy of a Critical Software Bug.

I had a hard time following the code in Nacin’s talk it was well over my head. Ryan D Sullivan tweet exemplifies this completely. But instead I tried following the story. As Nacin walks us through a two year journey to fix a vulnerability and it was a fascinating story.

A lot of patches in WordPress aren’t this hard… but they are similar rabbit holes of problem solving to make something better.

Leave a Reply

Your email address will not be published. Required fields are marked *