| 1 | Index: wp-includes/post-template.php |
|---|
| 2 | =================================================================== |
|---|
| 3 | --- wp-includes/post-template.php (revision 19898) |
|---|
| 4 | +++ wp-includes/post-template.php (working copy) |
|---|
| 5 | @@ -292,7 +292,7 @@ |
|---|
| 6 | */ |
|---|
| 7 | function post_class( $class = '', $post_id = null ) { |
|---|
| 8 | // Separates classes with a single space, collates classes for post DIV |
|---|
| 9 | - echo 'class="' . join( ' ', get_post_class( $class, $post_id ) ) . '"'; |
|---|
| 10 | + echo 'class="' . esc_attr( join( ' ', get_post_class( $class, $post_id ) ) ) . '"'; |
|---|
| 11 | } |
|---|
| 12 | |
|---|
| 13 | /** |
|---|
| 14 | @@ -384,7 +384,7 @@ |
|---|
| 15 | */ |
|---|
| 16 | function body_class( $class = '' ) { |
|---|
| 17 | // Separates classes with a single space, collates classes for body element |
|---|
| 18 | - echo 'class="' . join( ' ', get_body_class( $class ) ) . '"'; |
|---|
| 19 | + echo 'class="' . esc_attr( join( ' ', get_body_class( $class ) ) ) . '"'; |
|---|
| 20 | } |
|---|
| 21 | |
|---|
| 22 | /** |
|---|
