﻿id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
22690	Twenty Twelve: twentytwelve_content_nav $nav_id is not validated.	ounziw	lancewillett	"In functions.php of TwentyTwelve Theme, function ""twentytwelve_content_nav"" is defined.

twentytwelve_content_nav takes a parameter called $nav_id. $nav_id is echoed without being validated or escaped.

When careless people write code like twentytwelve_content_nav( 'nav below' ), it breaks HTML's rules.

{{{
function twentytwelve_content_nav( $nav_id ) {
	global $wp_query;

	if ( $wp_query->max_num_pages > 1 ) : ?>
		<nav id=""<?php echo $nav_id; ?>"" class=""navigation"" role=""navigation"">
...
}}}

I propose to add 
{{{
$nav_id = esc_attr( str_replace(' ','',$nav_id ) );
}}}
 at the beginning of the function definition."	defect (bug)	closed	normal	3.5	Bundled Theme		minor	fixed	has-patch	
