WordPress.org

Make WordPress Core

Ticket #28195: 28195.18.patch

File 28195.18.patch, 1.1 KB (added by ocean90, 4 years ago)
  • src/wp-admin/includes/ajax-actions.php

     
    26552655        if ( ! $parsed ) {
    26562656                wp_send_json_error( array(
    26572657                        'type' => 'not-embeddable',
    2658                         'message' => sprintf( __( '%s failed to embed.' ), '<code>' . esc_url( $url ) . '</code>' ),
     2658                        'message' => sprintf( __( '%s failed to embed.' ), '<code>' . esc_html( $url ) . '</code>' ),
    26592659                ) );
    26602660        }
    26612661
     
    26852685                // Admin is ssl and the embed is not. Iframes, scripts, and other "active content" will be blocked.
    26862686                wp_send_json_error( array(
    26872687                        'type' => 'not-ssl',
    2688                         'message' => sprintf( __( 'Preview not available. %s cannot be embedded securely.' ), '<code>' . esc_url( $url ) . '</code>' ),
     2688                        'message' => sprintf( __( 'Preview not available. %s cannot be embedded securely.' ), '<code>' . esc_html( $url ) . '</code>' ),
    26892689                ) );
    26902690        }
    26912691
     
    27232723        }
    27242724
    27252725        wp_send_json_success( ob_get_clean() );
    2726 }
    2727  No newline at end of file
     2726}