Changes between Initial Version and Version 1 of Ticket #22549
- Timestamp:
- 11/23/2012 12:19:17 AM (11 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #22549 – Description
initial v1 1 1 When you go to embed an external URL via the 'Embed From URL' tab in the new media modal, the URL is inserted as-is. 2 2 3 The user in [http://make.wordpress.org/ui/2012/11/14/to-change-things-up-i-tested-a-different/ this recent user interaction test by lessbloat] pasted a URL into this box without overwriting the ' http://' placeholder and ended up with a mangled URL. Before inserting it into the post the URL should be sanitized via an AJAX call that runs it through `esc_url_raw()`.3 The user in [http://make.wordpress.org/ui/2012/11/14/to-change-things-up-i-tested-a-different/ this recent user interaction test by lessbloat] pasted a URL into this box without overwriting the '`http://`' placeholder and ended up with a mangled URL. Before inserting it into the post the URL should be sanitized via an AJAX call that runs it through `esc_url_raw()`. 4 4 5 5 Related: #22548