Make WordPress Core

Ticket #52458: esc_url_type_safety.patch

File esc_url_type_safety.patch, 425 bytes (added by jipmoors, 4 years ago)

Add a type check before using ltrim

  • src/wp-includes/formatting.php

    diff --git src/wp-includes/formatting.php src/wp-includes/formatting.php
    index b716c6bc1f..a978811151 100644
    function esc_sql( $data ) { 
    43084308function esc_url( $url, $protocols = null, $_context = 'display' ) {
    43094309        $original_url = $url;
    43104310
    4311         if ( '' === $url ) {
     4311        if ( '' === $url || "string" !== gettype( $url ) ) {
    43124312                return $url;
    43134313        }
    43144314