WordPress.org

Make WordPress Core

Changeset 28462


Ignore:
Timestamp:
05/16/2014 10:30:04 PM (7 years ago)
Author:
lancewillett
Message:

Twenty Fourteen: correct escaping for parent post link and attachment link in image template. Props philiparthurmoore, see #28251.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-content/themes/twentyfourteen/image.php

    r26699 r28462  
    2929                        <span class="entry-date"><time class="entry-date" datetime="<?php echo esc_attr( get_the_date( 'c' ) ); ?>"><?php echo esc_html( get_the_date() ); ?></time></span>
    3030
    31                         <span class="full-size-link"><a href="<?php echo wp_get_attachment_url(); ?>"><?php echo $metadata['width']; ?> &times; <?php echo $metadata['height']; ?></a></span>
     31                        <span class="full-size-link"><a href="<?php echo esc_url( wp_get_attachment_url() ); ?>"><?php echo $metadata['width']; ?> &times; <?php echo $metadata['height']; ?></a></span>
    3232
    33                         <span class="parent-post-link"><a href="<?php echo get_permalink( $post->post_parent ); ?>" rel="gallery"><?php echo get_the_title( $post->post_parent ); ?></a></span>
     33                        <span class="parent-post-link"><a href="<?php echo esc_url( get_permalink( $post->post_parent ) ); ?>" rel="gallery"><?php echo get_the_title( $post->post_parent ); ?></a></span>
    3434                        <?php edit_post_link( __( 'Edit', 'twentyfourteen' ), '<span class="edit-link">', '</span>' ); ?>
    3535                    </div><!-- .entry-meta -->
Note: See TracChangeset for help on using the changeset viewer.