Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
05/02/2024 12:43:50 PM (12 months ago)
Author:
imath
Message:

Use a more appropriate function to escape slugs

Props johndawson155

See #9143 (trunk)
Closes https://github.com/buddypress/buddypress/pull/277

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/bp-blogs/bp-blogs-template.php

    r13802 r13844  
    1818 */
    1919function bp_blogs_slug() {
    20     echo esc_url( bp_get_blogs_slug() );
     20    echo esc_attr( bp_get_blogs_slug() );
    2121}
    2222    /**
     
    4646 */
    4747function bp_blogs_root_slug() {
    48     echo esc_url( bp_get_blogs_root_slug() );
     48    echo esc_attr( bp_get_blogs_root_slug() );
    4949}
    5050    /**
     
    11861186                // phpcs:ignore WordPress.Security.EscapeOutput
    11871187                bp_get_form_field_attributes( 'blogname' ),
    1188                 esc_url( bp_signup_get_subdomain_base() )
     1188                esc_attr( bp_signup_get_subdomain_base() )
    11891189            );
    11901190        }
Note: See TracChangeset for help on using the changeset viewer.