WordPress.org

Make WordPress Core

Changeset 22373


Ignore:
Timestamp:
11/05/2012 06:04:50 PM (9 years ago)
Author:
ryan
Message:

Use esc_attr() for attributes. Props johnjamesjacoby. fixes #22327

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/template.php

    r22099 r22373  
    11141114        echo '<tr valign="top">';
    11151115        if ( !empty($field['args']['label_for']) )
    1116             echo '<th scope="row"><label for="' . $field['args']['label_for'] . '">' . $field['title'] . '</label></th>';
     1116            echo '<th scope="row"><label for="' . esc_attr( $field['args']['label_for'] ) . '">' . $field['title'] . '</label></th>';
    11171117        else
    11181118            echo '<th scope="row">' . $field['title'] . '</th>';
Note: See TracChangeset for help on using the changeset viewer.