Make WordPress Core


Ignore:
Timestamp:
08/30/2023 08:23:18 PM (17 months ago)
Author:
costdev
Message:

General: Replace two esc_url_raw() calls in core with sanitize_url().

This aims to improve performance by calling sanitize_url() directly, instead of the esc_url_raw() wrapper. As of WordPress 6.1, sanitize_url() is the recommended function for sanitizing a URL for database or redirect usage.

This replaces the two remaining instances of esc_url_raw() with sanitize_url() in WordPress core.

Follow-up to [53455], [53933], [54522].

Props rajinsharwar, SergeyBiryukov.
Fixes #59247.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/functions.php

    r56474 r56494  
    36143614        if ( wp_get_referer() ) {
    36153615            $wp_http_referer = remove_query_arg( 'updated', wp_get_referer() );
    3616             $wp_http_referer = wp_validate_redirect( esc_url_raw( $wp_http_referer ) );
     3616            $wp_http_referer = wp_validate_redirect( sanitize_url( $wp_http_referer ) );
    36173617
    36183618            $html .= '</p><p>';
Note: See TracChangeset for help on using the changeset viewer.