- Timestamp:
- 06/24/2024 03:13:02 PM (8 months ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/6.2/src/wp-includes/html-api/class-wp-html-tag-processor.php
r55925 r58479 1868 1868 $updated_attribute = $name; 1869 1869 } else { 1870 $escaped_new_value = esc_attr( $value ); 1870 $comparable_name = strtolower( $name ); 1871 1872 /* 1873 * Escape URL attributes. 1874 * 1875 * @see https://html.spec.whatwg.org/#attributes-3 1876 */ 1877 $escaped_new_value = in_array( $comparable_name, wp_kses_uri_attributes() ) ? esc_url( $value ) : esc_attr( $value ); 1871 1878 $updated_attribute = "{$name}=\"{$escaped_new_value}\""; 1872 1879 }
Note: See TracChangeset
for help on using the changeset viewer.