Make WordPress Core


Ignore:
Timestamp:
01/09/2019 06:10:13 AM (6 years ago)
Author:
pento
Message:

Bundled Themes: Run the pingback_url through esc_url().

Twenties Ten through Seventeen have been updated to properly escape the pingback URL. Twenty Nineteen is already escaping the URL.

Props soulseekah, sharaz.
Fixes #43717.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-content/themes/twentythirteen/header.php

    r43571 r44500  
    2424    <title><?php wp_title( '|', true, 'right' ); ?></title>
    2525    <link rel="profile" href="http://gmpg.org/xfn/11">
    26     <link rel="pingback" href="<?php bloginfo( 'pingback_url' ); ?>">
     26    <link rel="pingback" href="<?php echo esc_url( get_bloginfo( 'pingback_url' ) ); ?>">
    2727    <!--[if lt IE 9]>
    2828    <script src="<?php echo get_template_directory_uri(); ?>/js/html5.js"></script>
Note: See TracChangeset for help on using the changeset viewer.