Make WordPress Core


Ignore:
Timestamp:
12/06/2024 05:05:39 PM (2 months ago)
Author:
SergeyBiryukov
Message:

Coding Standards: Use correct escaping function for wp_http_referer.

Follow-up to [58069].

Props yogeshbhutkar, sainathpoojary, PcTevree, knutsp, siliconforks, stromhalm, shanemuir.
Fixes #62551.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/user-edit.php

    r59046 r59496  
    1515$action          = ! empty( $_REQUEST['action'] ) ? sanitize_text_field( $_REQUEST['action'] ) : '';
    1616$user_id         = ! empty( $_REQUEST['user_id'] ) ? absint( $_REQUEST['user_id'] ) : 0;
    17 $wp_http_referer = ! empty( $_REQUEST['wp_http_referer'] ) ? sanitize_text_field( $_REQUEST['wp_http_referer'] ) : '';
     17$wp_http_referer = ! empty( $_REQUEST['wp_http_referer'] ) ? sanitize_url( $_REQUEST['wp_http_referer'] ) : '';
    1818
    1919$current_user = wp_get_current_user();
Note: See TracChangeset for help on using the changeset viewer.