#55852 closed enhancement (fixed)
Reverse wrapping of `sanitize_url()` and `esc_url_raw()`.
Reported by: | peterwilsoncc | Owned by: | SergeyBiryukov |
---|---|---|---|
Milestone: | 6.1 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Formatting | Keywords: | good-first-bug has-patch has-unit-tests add-to-field-guide |
Focuses: | Cc: |
Description
In WordPress 5.9 sanitize_url()
was undeprecated as a wrapper for esc_url_raw()
as sanitizing functions are generally prefixed sanitize_
but for sanitizing URLs it was prefixed esc_
. It was confusing.
As sanitize_url()
is to become the recommended function for sanitizing a URL, it ought to be the canonical function call and contain the code currently in esc_url_raw()
.
This will reduce the number of function calls required when using the recommended technique.
Attachments (4)
Change History (25)
#1
@
2 years ago
- Keywords needs-patch good-first-bug added
- Milestone changed from Awaiting Review to 6.1
#3
in reply to:
↑ 2
@
2 years ago
Replying to benjgrolleau:
I have reversed the two wrappers, and change comments relatives to the functions too.
Hi there, thanks for the patch! It looks good to me, I only have two minor suggestions:
- The new
@return
tag foresc_url_raw()
says:@return string The cleaned URL after sanitize_url() is run with the 'db' context.
sanitize_url()
does not have adb
context, so I think we can either omit that part or leave the original tag as is. Given that the function description also mentionsesc_url()
and notsanitize_url()
, I think keeping the original tag would be preferable. sanitize_url()
has this comment in the description:This function is an alias for esc_url_raw().
It should be moved toesc_url_raw()
and changed to:This function is an alias for sanitize_url().
#6
follow-up:
↓ 7
@
2 years ago
Thanks for the refresh, looks better now :) I'll make some more minor documentation edits on commit.
#7
in reply to:
↑ 6
@
2 years ago
Replying to SergeyBiryukov:
Thanks for the refresh, looks better now :) I'll make some more minor documentation edits on commit.
Nice !
Very glad to be part of WordPress contributors community now. Thank you for your patience, Sergey.
#9
follow-ups:
↓ 10
↓ 11
@
2 years ago
- Keywords needs-patch added; has-patch removed
Let's also use this ticket to replace all esc_url_raw()
calls in core with sanitize_url()
.
@benjgrolleau Would you be interested in working on a patch for that? :)
#10
in reply to:
↑ 9
@
2 years ago
Replying to SergeyBiryukov:
Let's also use this ticket to replace all
esc_url_raw()
calls in core withsanitize_url()
.
@benjgrolleau Would you be interested in working on a patch for that? :)
Yes I can ! :-)
#11
in reply to:
↑ 9
;
follow-up:
↓ 12
@
2 years ago
- Keywords has-patch added; needs-patch removed
Replying to SergeyBiryukov:
Let's also use this ticket to replace all
esc_url_raw()
calls in core withsanitize_url()
.
@benjgrolleau Would you be interested in working on a patch for that? :)
This is done. I've tried to replace comments and deprecated notices too.
#12
in reply to:
↑ 11
@
2 years ago
Replying to benjgrolleau:
This is done. I've tried to replace comments and deprecated notices too.
Looks good, thanks! There are some more instances in the wp-admin
and wp-admin/includes/
directories, let's replace them too :)
#14
in reply to:
↑ 13
@
2 years ago
Replying to benjgrolleau:
I've finished replacing all of them (at least I think).
Perfect, thanks! Creating a GitHub PR now just to make sure all the tests pass.
This ticket was mentioned in PR #2765 on WordPress/wordpress-develop by SergeyBiryukov.
2 years ago
#15
- Keywords has-unit-tests added
#16
follow-up:
↓ 18
@
2 years ago
- Resolution set to fixed
- Status changed from reviewing to closed
In 53455:
SergeyBiryukov commented on PR #2765:
2 years ago
#17
#19
in reply to:
↑ 18
@
2 years ago
Replying to benjgrolleau:
Maybe now we need to update the WPCS ?
Good point, thanks! Looks like there is already an issue created for that:
https://github.com/WordPress/WordPress-Coding-Standards/issues/2031
Hello !
Just made it. It's my first try to contribute… hope it was the expected result.
I have reversed the two wrappers, and change comments relatives to the functions too.