Make WordPress Core


Ignore:
Timestamp:
08/30/2023 08:23:18 PM (18 months ago)
Author:
costdev
Message:

General: Replace two esc_url_raw() calls in core with sanitize_url().

This aims to improve performance by calling sanitize_url() directly, instead of the esc_url_raw() wrapper. As of WordPress 6.1, sanitize_url() is the recommended function for sanitizing a URL for database or redirect usage.

This replaces the two remaining instances of esc_url_raw() with sanitize_url() in WordPress core.

Follow-up to [53455], [53933], [54522].

Props rajinsharwar, SergeyBiryukov.
Fixes #59247.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/update.php

    r56341 r56494  
    755755        }
    756756
    757         $hostname = wp_parse_url( esc_url_raw( $theme_data['UpdateURI'] ), PHP_URL_HOST );
     757        $hostname = wp_parse_url( sanitize_url( $theme_data['UpdateURI'] ), PHP_URL_HOST );
    758758
    759759        /**
Note: See TracChangeset for help on using the changeset viewer.