Changeset 58472
- Timestamp:
- 06/24/2024 02:43:08 PM (5 months ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/html-api/class-wp-html-tag-processor.php
r58397 r58472 2973 2973 $updated_attribute = $name; 2974 2974 } else { 2975 $tag_name = $this->get_tag(); 2976 $comparable_name = strtolower( $name ); 2977 2978 /* 2979 * Escape URL attributes. 2980 * 2981 * @see https://html.spec.whatwg.org/#attributes-3 2982 */ 2975 2983 $escaped_new_value = esc_attr( $value ); 2976 $updated_attribute = "{$name}=\"{$escaped_new_value}\"";2984 $updated_attribute = wp_kses_one_attr( "{$comparable_name}=\"{$escaped_new_value}\"", $tag_name ); 2977 2985 } 2978 2986
Note: See TracChangeset
for help on using the changeset viewer.