WordPress.org
Get WordPress

Make WordPress Core

Changes between Initial Version and Version 2 of Ticket #62118


Ignore:
Timestamp:
09/26/2024 08:59:08 AM (18 months ago)
Author:
swissspidy
Comment:

Hi there and welcome to Trac!

instead of

Definitely not instead of. __() is important as it allows for the URL to be translated.

To be honest we're pretty inconsistent in core with escaping the URLs in cases like this. On one hand we do trust translations to be correct, on the other hand it can't hurt to add it.

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #62118

    • Property Focuses coding-standards removed
    • Property Component changed from General to Administration
    • Property Priority changed from normal to low
    • Property Keywords needs-testing changes-requested removed
    • Property Type changed from feature request to enhancement
    • Property Severity changed from normal to minor

  • Ticket #62118 – Description

    initial v2  
    11Code Improvement Suggestion for admin footer \wp-admin\admin-footer.php line No. 35
     2
     3{{{#!php
    24
    35$text = sprintf(
     
    68        __( 'https://wordpress.org/' )
    79);
     10}}}
    811
    912
    10 
    11 Should we use esc_url() here instead of __ (underscore) to ensure that the URL is valid and protected from cross-site scripting?
     13Should we use `esc_url()` here instead of `__` (underscore) to ensure that the URL is valid and protected from cross-site scripting?
    1214
    1315
     16{{{#!php
    1417$text = sprintf(
    1518        /* translators: %s: https://wordpress.org/ */
    1619        __('Thank you for creating with <a href="%s">WordPress</a>.'),
    17         esc_url('https://wordpress.org/')
     20        esc_url( 'https://wordpress.org/' )
    1821);
     22}}}
    1923
    2024Thanks!