Changeset 11721 for trunk/wp-includes/comment-template.php

Timestamp:

07/18/2009 11:21:50 PM (16 years ago)

Author:

azaozz

Message:

Properly escape comment_author_url when displaying, for trunk

File:

• trunk/wp-includes/comment-template.php (modified) (1 diff)

trunk/wp-includes/comment-template.php

@@ -195 +195 @@
     global $comment;
     $url = ('http://' == $comment->comment_author_url) ? '' : $comment->comment_author_url;
+    $url = esc_url( $url, array('http', 'https') );
     return apply_filters('get_comment_author_url', $url);
 }