Make WordPress Core


Ignore:
Timestamp:
06/01/2022 06:12:25 PM (2 years ago)
Author:
SergeyBiryukov
Message:

General: Replace all esc_url_raw() calls in core with sanitize_url().

This aims to improve performance by calling sanitize_url() directly, instead of the esc_url_raw() wrapper. As of WordPress 6.1, sanitize_url() is the recommended function for sanitizing a URL for database or redirect usage.

Follow-up to [11383], [13096], [51597], [53452].

Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes #55852.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/includes/media.php

    r53307 r53455  
    918918             * @param string $title Media title.
    919919             */
    920             $html = apply_filters( "{$type}_send_to_editor_url", $html, esc_url_raw( $src ), $title );
     920            $html = apply_filters( "{$type}_send_to_editor_url", $html, sanitize_url( $src ), $title );
    921921        } else {
    922922            $align = '';
     
    943943             *                      'alignleft', 'aligncenter', 'alignright', 'alignnone'.
    944944             */
    945             $html = apply_filters( 'image_send_to_editor_url', $html, esc_url_raw( $src ), $alt, $align );
     945            $html = apply_filters( 'image_send_to_editor_url', $html, sanitize_url( $src ), $alt, $align );
    946946        }
    947947
Note: See TracChangeset for help on using the changeset viewer.