Skip to:
Content

BuddyPress.org

Opened 4 years ago

Closed 4 years ago

Last modified 3 years ago

#6390 closed defect (bug) (fixed)

Nested escaping

Reported by: johnjamesjacoby Owned by: johnjamesjacoby
Milestone: 2.3 Priority: normal
Severity: normal Version: 1.5
Component: Core Keywords: commit
Cc:

Description

There are a few places where calls to esc_url() are immediately and unnecessarily escaped again with esc_attr().

Imminent patch will clean these up for trunk.

Attachments (1)

6390.01.patch (1.9 KB) - added by johnjamesjacoby 4 years ago.

Download all attachments as: .zip

Change History (3)

#1 @johnjamesjacoby
4 years ago

  • Owner set to johnjamesjacoby
  • Resolution set to fixed
  • Status changed from new to closed

In 9791:

The esc_url() function does an adequate job of preparing URLs for output to the browser; there is no need to also call esc_attr() on the results. Fixes #6390.

#2 @DJPaul
3 years ago

  • Component changed from Tools - Code Improvement to Core
Note: See TracTickets for help on using tickets.