Context Navigation

← Previous Ticket
Next Ticket →

#60990 closed defect (bug) (invalid)

Change esc_html to esc_url

Reported by:	truptikanzariya	Owned by:
Milestone:		Priority:	normal
Severity:	normal	Version:
Component:	Application Passwords	Keywords:	has-patch
Focuses:	coding-standards	Cc:

Description

Change "esc_html" to "esc_url" in the wp-admin/authorize-application.php file.

Attachments (1)

60990.patch (680 bytes) - added by truptikanzariya 20 months ago.

Download all attachments as: .zip

Change History (4)

@truptikanzariya
20 months ago

Attachment 60990.patch added

#1 @dd32
20 months ago

Component changed from General to Application Passwords

I believe this is intentionally using esc_html() and not esc_url(), as the link is output on the page, rather than as part of a <a href attribute. This is also not the only location on that page where the link is output using esc_html(). Anywhere that would use it as a link uses esc_url() though.

The code originated in https://github.com/WordPress/application-passwords/ - but I can't find the actual source of it there.

#2 @johnbillion
20 months ago

Milestone Awaiting Review deleted
Resolution set to invalid
Status changed from new to closed

Yeah esc_html() is appropriate here. Thanks for the contribution though @truptikanzariya !

#3 @sabernhardt
20 months ago

For what it's worth: that code has had several iterations, with the earliest version in the first commit of PR 39 in the plugin.

Note: See TracTickets for help on using tickets.

Trac UI Preferences

Download in other formats:

Make WordPress Core