WordPress.org

Make WordPress Core

Changeset 12169


Ignore:
Timestamp:
11/12/09 02:37:28 (6 years ago)
Author:
markjaquith
Message:

Some extra XSS protection. Redundant, but we should always escape late! see #11119

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/press-this.php

    r12168 r12169  
    583583                        if ( $selection ) 
    584584                            _e('via '); 
    585                         echo "<a href='$url'>$title</a>.</p>"; 
     585                        printf( "<a href='%s'>%s</a>.</p>", esc_url( $url ), esc_html( $title ) ); 
    586586                    } 
    587587                ?></textarea> 
Note: See TracChangeset for help on using the changeset viewer.