Opened 12 years ago
Closed 12 years ago
#21923 closed defect (bug) (duplicate)
Bug with esc_url() and header_image() in custom-header.php
Reported by: | v-media | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | minor | Version: | 3.4.2 |
Component: | Customize | Keywords: | |
Focuses: | Cc: |
Description
Just found this in custom-header.php, line 514:
... background-image:url(<?php esc_url ( header_image() ) ?>) ...
This will not work as expected, because header_image() echo's a link and returns nothing.
The issue can be fixed by the following:
... background-image:url(<?php echo esc_url ( get_header_image() ) ?>) ...
p.s. Further investigation shows that header_image() echo's a link without any escaping, while get_header_image() escapes the url for DB usage. I'm not sure if echo'ing previously escaped-for-db link is a desired behavior.
Change History (1)
Note: See
TracTickets for help on using
tickets.
Duplicate of #21433, fixed in [21508].