Make WordPress Core


Ignore:
Timestamp:
10/29/2020 04:56:34 PM (4 years ago)
Author:
whyisjake
Message:

Coding standards: Modify escaping functions to avoid potential false positives.

Props xknown, zieladam, peterwilsoncc.Y

File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/5.5/src/wp-admin/admin-header.php

    r48955 r49375  
    8383<script type="text/javascript">
    8484addLoadEvent = function(func){if(typeof jQuery!=='undefined')jQuery(document).ready(func);else if(typeof wpOnload!=='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}};
    85 var ajaxurl = '<?php echo admin_url( 'admin-ajax.php', 'relative' ); ?>',
    86     pagenow = '<?php echo $current_screen->id; ?>',
    87     typenow = '<?php echo $current_screen->post_type; ?>',
    88     adminpage = '<?php echo $admin_body_class; ?>',
    89     thousandsSeparator = '<?php echo addslashes( $wp_locale->number_format['thousands_sep'] ); ?>',
    90     decimalPoint = '<?php echo addslashes( $wp_locale->number_format['decimal_point'] ); ?>',
     85var ajaxurl = '<?php echo esc_js( admin_url( 'admin-ajax.php', 'relative' ) ); ?>',
     86    pagenow = '<?php echo esc_js( $current_screen->id ); ?>',
     87    typenow = '<?php echo esc_js( $current_screen->post_type ); ?>',
     88    adminpage = '<?php echo esc_js( $admin_body_class ); ?>',
     89    thousandsSeparator = '<?php echo esc_js( $wp_locale->number_format['thousands_sep'] ); ?>',
     90    decimalPoint = '<?php echo esc_js( $wp_locale->number_format['decimal_point'] ); ?>',
    9191    isRtl = <?php echo (int) is_rtl(); ?>;
    9292</script>
Note: See TracChangeset for help on using the changeset viewer.