WordPress.org
Get WordPress

Make WordPress Core

Changeset 59538


Ignore:
Timestamp:
12/18/2024 08:56:06 PM (4 months ago)
Author:
jorbin
Message:

Coding Standards: Escape attachment URL in wp-admin/async-upload.php.

Follow-up to [58279].

Reviewed by jorbin.
Merges [59407] to the 6.7 branch.

Props shyamkariya, pitamdey, nareshbheda, ketanniruke, desrosj, SergeyBiryukov .
Fixes #62434.

Location:
branches/6.7
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • branches/6.7

  • branches/6.7/src/wp-admin/async-upload.php

    r58279 r59538  
    7575                            ?>
    7676                            <span class="media-item-copy-container copy-to-clipboard-container edit-attachment">
    77                                 <button type="button" class="button button-small copy-attachment-url" data-clipboard-text="<?php echo $file_url; ?>"><?php _e( 'Copy URL to clipboard' ); ?></button>
     77                                <button type="button" class="button button-small copy-attachment-url"
     78                                    data-clipboard-text="<?php echo esc_url( $file_url ); ?>"
     79                                ><?php _e( 'Copy URL to clipboard' ); ?></button>
    7880                                <span class="success hidden" aria-hidden="true"><?php _e( 'Copied!' ); ?></span>
    7981                            </span>
Note: See TracChangeset for help on using the changeset viewer.