Changeset 58479 for branches/6.2/src/wp-includes/formatting.php

Timestamp:

06/24/2024 03:13:02 PM (21 months ago)

Author:

audrasjb

Message:

Grouped Backports to the 6.2 branch.

• Editor: Fix Path Traversal issue on Windows in Template-Part Block.
• Editor: Sanitize Template Part HTML tag on save.
• HTML API: Run URL attributes through esc_url().

Merges [58470], [58471], [58472] and [58473] to the 6.2 branch.
Props xknown, peterwilsoncc, jorbin, bernhard-reiter, azaozz, dmsnell, gziolo.

File:

• branches/6.2/src/wp-includes/formatting.php (modified) (2 diffs)

branches/6.2/src/wp-includes/formatting.php

@@ -4721 +4721 @@
  *
  * @since 2.5.0
+ * @since 6.5.5 Allow hyphens in tag names (i.e. custom elements).
  *
  * @param string $tag_name
@@ -4726 +4727 @@
  */
 function tag_escape( $tag_name ) {
-    $safe_tag = strtolower( preg_replace( '/[^a-zA-Z0-9_:]/', '', $tag_name ) );
+    $safe_tag = strtolower( preg_replace( '/[^a-zA-Z0-9-_:]/', '', $tag_name ) );
     /**
      * Filters a string cleaned and escaped for output as an HTML tag.