Make WordPress Core

Changeset 52957


Ignore:
Timestamp:
03/19/2022 08:30:01 PM (3 years ago)
Author:
SergeyBiryukov
Message:

Coding Standards: Use esc_url() instead of esc_attr() for some URLs.

Follow-up to [2063], [2182], [4656], [6952], [9098], [11109], [11204], [17887], [22505],

Props kebbet.
See #54728.

Location:
trunk/src
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/class-custom-image-header.php

    r52946 r52957  
    652652    </p>
    653653            <?php
    654                 $modal_update_href = esc_url(
    655                     add_query_arg(
    656                         array(
    657                             'page' => 'custom-header',
    658                             'step' => 2,
    659                             '_wpnonce-custom-header-upload' => wp_create_nonce( 'custom-header-upload' ),
    660                         ),
    661                         admin_url( 'themes.php' )
    662                     )
    663                 );
     654            $modal_update_href = add_query_arg(
     655                array(
     656                    'page'                          => 'custom-header',
     657                    'step'                          => 2,
     658                    '_wpnonce-custom-header-upload' => wp_create_nonce( 'custom-header-upload' ),
     659                ),
     660                admin_url( 'themes.php' )
     661            );
    664662            ?>
    665663    <p>
    666664        <label for="choose-from-library-link"><?php _e( 'Or choose an image from your media library:' ); ?></label><br />
    667665        <button id="choose-from-library-link" class="button"
    668             data-update-link="<?php echo esc_attr( $modal_update_href ); ?>"
     666            data-update-link="<?php echo esc_url( $modal_update_href ); ?>"
    669667            data-choose="<?php esc_attr_e( 'Choose a Custom Header' ); ?>"
    670668            data-update="<?php esc_attr_e( 'Set as header' ); ?>"><?php _e( 'Choose Image' ); ?></button>
  • trunk/src/wp-admin/includes/class-wp-comments-list-table.php

    r52205 r52957  
    920920            <div class="author-email"><?php echo esc_attr( $comment->comment_author_email ); ?></div>
    921921            <div class="author"><?php echo esc_attr( $comment->comment_author ); ?></div>
    922             <div class="author-url"><?php echo esc_attr( $comment->comment_author_url ); ?></div>
     922            <div class="author-url"><?php echo esc_url( $comment->comment_author_url ); ?></div>
    923923            <div class="comment_status"><?php echo $comment->comment_approved; ?></div>
    924924        </div>
  • trunk/src/wp-admin/includes/dashboard.php

    r52610 r52957  
    16911691            $img_src = ( is_ssl() && ! empty( $response['img_src_ssl'] ) ) ? $response['img_src_ssl'] : $response['img_src'];
    16921692
    1693             $notice           .= '<div class="alignright browser-icon"><img src="' . esc_attr( $img_src ) . '" alt="" /></div>';
     1693            $notice           .= '<div class="alignright browser-icon"><img src="' . esc_url( $img_src ) . '" alt="" /></div>';
    16941694            $browser_nag_class = ' has-browser-icon';
    16951695        }
  • trunk/src/wp-includes/media.php

    r52837 r52957  
    394394    $class = apply_filters( 'get_image_tag_class', $class, $id, $align, $size );
    395395
    396     $html = '<img src="' . esc_attr( $img_src ) . '" alt="' . esc_attr( $alt ) . '" ' . $title . $hwstring . 'class="' . $class . '" />';
     396    $html = '<img src="' . esc_url( $img_src ) . '" alt="' . esc_attr( $alt ) . '" ' . $title . $hwstring . 'class="' . $class . '" />';
    397397
    398398    /**
  • trunk/src/wp-links-opml.php

    r47198 r52957  
    8181        $title = apply_filters( 'link_title', $bookmark->link_name );
    8282        ?>
    83 <outline text="<?php echo esc_attr( $title ); ?>" type="link" xmlUrl="<?php echo esc_attr( $bookmark->link_rss ); ?>" htmlUrl="<?php echo esc_attr( $bookmark->link_url ); ?>" updated="
     83<outline text="<?php echo esc_attr( $title ); ?>" type="link" xmlUrl="<?php echo esc_url( $bookmark->link_rss ); ?>" htmlUrl="<?php echo esc_url( $bookmark->link_url ); ?>" updated="
    8484                            <?php
    8585                            if ( '0000-00-00 00:00:00' !== $bookmark->link_updated ) {
Note: See TracChangeset for help on using the changeset viewer.