#58239 closed defect (bug) (fixed)
Bookmark Administration on edit_link function in extra remove ( $_POST['link_url'] = esc_html( $_POST['link_url'] ); )
Reported by: | utsav72640 | Owned by: | audrasjb |
---|---|---|---|
Milestone: | 6.3 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Administration | Keywords: | has-patch |
Focuses: | coding-standards | Cc: |
Description
I have checked in edit_link function on wp-admin/includes/bookmark.php
And if I look at the code there are add an extra esc_html function to sanitize the ( $_POSTlink_url? ).
After reviewing the example provided for the add_link action, it appears that there is no need to include an esc_html function when handling the ( $_POSTlink_url? ) parameter.
Can you please check my patch and share your feedback.
Attachments (1)
Change History (15)
#1
@
17 months ago
Also I have added in git a new pull request can you please check and let me know if there are any changes or not.
This ticket was mentioned in PR #4415 on WordPress/wordpress-develop by utsavtilava.
17 months ago
#2
- Keywords has-patch added
I have checked in edit_link function on wp-admin/includes/bookmark.php
And if I look at the code there are add an extra esc_html function to sanitize the ( $_POSTlink_url? ).
After reviewing the example provided for the add_link action, it appears that there is no need to include an esc_html function when handling the ( $_POSTlink_url? ) parameter.
Can you please check my patch and share your feedback.
Trac Ticket: https://core.trac.wordpress.org/ticket/58239
EDITED by @audrasjb to add a link to the Trac ticket
#3
@
17 months ago
Hello @utsav72640,
The duplication issue looks relevant to me, thanks.
However, there is a conflict in your PR, and you also have an unrelated change to /wp-admin/includes/user.php
.
#5
@
17 months ago
- Milestone changed from Awaiting Review to 6.3
- Owner set to audrasjb
- Status changed from new to accepted
#6
follow-up:
↓ 8
@
17 months ago
Hello @audrasjb
Could you please review the updated patch I submitted? If any additional changes are required, please let me know and I will make the necessary updates to the PR.
#7
@
17 months ago
Historical context: this was introduced in [11383] when clean_url()
was deprecated in favor of esc_url()
.
#8
in reply to:
↑ 6
@
17 months ago
Replying to utsav72640:
Could you please review the updated patch I submitted? If any additional changes are required, please let me know and I will make the necessary updates to the PR.
Already reviewed in comment:3 ;)
utsavtilava commented on PR #4415:
17 months ago
#9
As per our audrasjb conversation i will closed this PR because it's conflict in user.php file so i am close this pull request and i will add new pull request.
#10
follow-up:
↓ 11
@
17 months ago
Hello @audrasjb
I have added in git a new pull request can you please check and let me know if there are any changes or not.
#11
in reply to:
↑ 10
@
17 months ago
Replying to utsav72640:
I have added in git a new pull request can you please check and let me know if there are any changes or not.
Thanks.
Just an important note: you don't need to add a link to your PR in a message here in Trac. Just add the link to the Trac ticket and your PR will automatically appear here on Trac. See the edition I made to your PR. Thanks.
This ticket was mentioned in PR #4416 on WordPress/wordpress-develop by utsavtilava.
17 months ago
#12
I have checked in edit_link function on wp-admin/includes/bookmark.php
And if I look at the code there are add an extra esc_html function to sanitize the ( $_POSTlink_url? ).
After reviewing the example provided for the add_link action, it appears that there is no need to include an esc_html function when handling the ( $_POSTlink_url? ) parameter.
Can you please check my patch and share your feedback.
EDITED by @audrasjb to add a link to the Trac ticket
Trac Ticket: https://core.trac.wordpress.org/ticket/58239
@audrasjb commented on PR #4416:
17 months ago
#14
Committed in https://core.trac.wordpress.org/changeset/55704
wp-admin/includes/bookmark.php