#2857 closed defect (bug) (fixed)
WP_Scripts->_print_scripts and add_query_arg generate invalid links
Reported by: | Nazgul | Owned by: | |
---|---|---|---|
Milestone: | 2.1 | Priority: | normal |
Severity: | normal | Version: | 2.1 |
Component: | Administration | Keywords: | query arguments bg|has-patch |
Focuses: | Cc: |
Description
When a link with more than 1 parameter is generated by WP_Scripts, it's generated as http://domain.tld/somescript.js?a=1&b=2, which should be http://domain.tld/somescript.js?a=1&b=2, according to the XHTML guidelines.
Same applies to the add_query_arg function.
Attachments (2)
Change History (10)
#2
@
19 years ago
& should not be used within add_query_arg() function. Rather, the thing that is calling it should run wp_specialchars() on the output. We need non-encoded to be the default.
The Script Loader fix looks good, though.
#3
@
19 years ago
Ok. New Patch.
Instead of changing add_query_arg I changed the calling function in which I noticed the behaviour (wp_nonce_url), as you suggested.
The Script Loader fix is also included, but hasn't changed.
#4
@
19 years ago
Looks good to me. The only potential concern is if wp_nonce_url is fed to a redirection script. e.g. wp_redirect(wp_nonce_url($url, $action));
Attn: Owen and Ryan, Is this a plausible scenario?
#6
@
19 years ago
wp_nonce_url() is being used on URLs that are already converted, so maybe we should go ahead and specialchars within wp_nonce_url().
Patch which uses & instead of & to concatenate uploaded.