Ticket #2857: 2857b.diff
| File 2857b.diff, 1.2 KB (added by Nazgul, 6 years ago) |
|---|
-
wp-includes/functions.php
806 806 } 807 807 808 808 function wp_nonce_url($actionurl, $action = -1) { 809 return add_query_arg('_wpnonce', wp_create_nonce($action), $actionurl);809 return wp_specialchars(add_query_arg('_wpnonce', wp_create_nonce($action), $actionurl)); 810 810 } 811 811 812 812 function wp_nonce_field($action = -1) { -
wp-includes/script-loader.php
62 62 if ( !in_array($handle, $this->printed) && isset($this->scripts[$handle]) ) { 63 63 $ver = $this->scripts[$handle]->ver ? $this->scripts[$handle]->ver : $wp_db_version; 64 64 if ( isset($this->args[$handle]) ) 65 $ver .= '& ' . $this->args[$handle];65 $ver .= '&' . $this->args[$handle]; 66 66 $src = 0 === strpos($this->scripts[$handle]->src, 'http://') ? $this->scripts[$handle]->src : get_settings( 'siteurl' ) . $this->scripts[$handle]->src; 67 67 echo "<script type='text/javascript' src='$src?ver=$ver'></script>\n"; 68 68 $this->printed[] = $handle;
