Changeset 53455 for trunk/src/wp-admin/includes/media.php

Timestamp:

06/01/2022 06:12:25 PM (3 years ago)

Author:

SergeyBiryukov

Message:

General: Replace all esc_url_raw() calls in core with sanitize_url().

This aims to improve performance by calling sanitize_url() directly, instead of the esc_url_raw() wrapper. As of WordPress 6.1, sanitize_url() is the recommended function for sanitizing a URL for database or redirect usage.

Follow-up to [11383], [13096], [51597], [53452].

Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes #55852.

File:

• trunk/src/wp-admin/includes/media.php (modified) (2 diffs)

trunk/src/wp-admin/includes/media.php

@@ -918 +918 @@
              * @param string $title Media title.
              */
-            $html = apply_filters( "{$type}_send_to_editor_url", $html, esc_url_raw( $src ), $title );
+            $html = apply_filters( "{$type}_send_to_editor_url", $html, sanitize_url( $src ), $title );
         } else {
             $align = '';
@@ -943 +943 @@
              *                      'alignleft', 'aligncenter', 'alignright', 'alignnone'.
              */
-            $html = apply_filters( 'image_send_to_editor_url', $html, esc_url_raw( $src ), $alt, $align );
+            $html = apply_filters( 'image_send_to_editor_url', $html, sanitize_url( $src ), $alt, $align );
         }