Opened 15 years ago
Closed 15 years ago
#12309 closed enhancement (fixed)
Deprecate clean_url() in favor of esc_url() and esc_url_raw()
Reported by: | nacin | Owned by: | nacin |
---|---|---|---|
Milestone: | 3.0 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Inline Docs | Keywords: | |
Focuses: | Cc: |
Description
Though eliminating a straight alias doesn't make much of a difference, the less validation and sanitization functions we have, the less confused plugin authors are, which hopefully means they try to write more secure the code.
We should merge clean_url() into esc_url(), giving esc_url() a $_context argument. esc_url_raw() can then call esc_url() with a $_context of 'db'.
Attachments (1)
Change History (3)
Note: See
TracTickets for help on using
tickets.
(In [13297]) Use esc_url() instead of clean_url(). See #12309