#25529 closed defect (bug) (fixed)
Smiley URL is not escaped within translate_smiley
Reported by: | simonwheatley | Owned by: | SergeyBiryukov |
---|---|---|---|
Milestone: | 3.8 | Priority: | normal |
Severity: | normal | Version: | 2.8 |
Component: | Formatting | Keywords: | has-patch dev-feedback commit |
Focuses: | Cc: |
Description
While documenting the hooks in formatting.php
, #25518, I noticed that the URL used in the img
element is not escaped.
Attachments (2)
Change History (7)
Note: See
TracTickets for help on using
tickets.
Move
esc_attr
on $smiley closer to the output, useesc_url
on the URL used for thesrc
.