Ticket #56064: 56064.patch
File 56064.patch, 1.2 KB (added by , 2 years ago) |
---|
-
src/wp-admin/includes/media.php
145 145 } 146 146 147 147 if ( $url ) { 148 $html = '<a href="' . esc_ attr( $url ) . '"' . $rel . '>' . $html . '</a>';148 $html = '<a href="' . esc_url( $url ) . '"' . $rel . '>' . $html . '</a>'; 149 149 } 150 150 151 151 /** … … 1269 1269 return " 1270 1270 <input type='text' class='text urlfield' name='attachments[$post->ID][url]' value='" . esc_attr( $url ) . "' /><br /> 1271 1271 <button type='button' class='button urlnone' data-link-url=''>" . __( 'None' ) . "</button> 1272 <button type='button' class='button urlfile' data-link-url='" . esc_ attr( $file ) . "'>" . __( 'File URL' ) . "</button>1273 <button type='button' class='button urlpost' data-link-url='" . esc_ attr( $link ) . "'>" . __( 'Attachment Post URL' ) . '</button>1272 <button type='button' class='button urlfile' data-link-url='" . esc_url( $file ) . "'>" . __( 'File URL' ) . "</button> 1273 <button type='button' class='button urlpost' data-link-url='" . esc_url( $link ) . "'>" . __( 'Attachment Post URL' ) . '</button> 1274 1274 '; 1275 1275 } 1276 1276