Context Navigation

Back to Ticket #32816

Ticket #32816: rmarks-32816-2.diff

File rmarks-32816-2.diff, 1.1 KB (added by RMarks, 9 years ago)
Updated the sanitization test since url defaults to an empty string

src/wp-includes/customize/class-wp-customize-nav-menu-item-setting.php

diff --git src/wp-includes/customize/class-wp-customize-nav-menu-item-setting.php src/wp-includes/customize/class-wp-customize-nav-menu-item-setting.php
index 11b5cd6..c970f2f 100644

  class WP_Customize_Nav_Menu_Item_Setting extends WP_Customize_Setting {
                 $menu_item_value['attr_title'] = wp_unslash( apply_filters( 'excerpt_save_pre', wp_slash( $menu_item_value['attr_title'] ) ) );
                 $menu_item_value['description'] = wp_unslash( apply_filters( 'content_save_pre', wp_slash( $menu_item_value['description'] ) ) );
+                $menu_item_value['url'] = esc_url_raw( $menu_item_value['url'] );
+                if( '' !== $menu_item_value['url'] ) {
+                        $menu_item_value['url'] = esc_url_raw( $menu_item_value['url'] );
+                        if ( '' === $menu_item_value['url'] ) {
+                                return new WP_Error( 'invalid_nav_menu_url', __( 'Invalid URL.' ) ); // Fail sanitization if URL is invalid.
+                        }
+                }
                 if ( 'publish' !== $menu_item_value['status'] ) {
                         $menu_item_value['status'] = 'draft';
+                }

Trac UI Preferences

Download in other formats:

Original Format

Make WordPress Core

Context Navigation

Ticket #32816: rmarks-32816-2.diff

src/wp-includes/customize/class-wp-customize-nav-menu-item-setting.php

Download in other formats: