[wp-trac] [WordPress Trac] #59141: Escaping function is missing in $post_edit_link
WordPress Trac
noreply at wordpress.org
Fri Aug 18 17:29:52 UTC 2023
#59141: Escaping function is missing in $post_edit_link
------------------------------+---------------------
Reporter: nidhidhandhukiya | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 6.4
Component: Revisions | Version: 6.3
Severity: normal | Resolution:
Keywords: has-patch commit | Focuses:
------------------------------+---------------------
Changes (by costdev):
* keywords: has-patch => has-patch commit
Comment:
Thanks for the ping @mukesh27!
As noted above, `_draft_or_post_title()` is already escaped.
However, `get_edit_post_link()` is not escaped, and also returns the
result of the `get_edit_post_link` filter. There may have been some
confusion with `edit_post_link()`, which ''does'' escape the link before
output.
[https://core.trac.wordpress.org/attachment/ticket/59141/59141.patch
59141.patch] looks good to me, thanks @nidhidhandhukiya! 🙂
-----
I'm not fully onboarded as a committer yet, sorry Mukesh! 😅 Adding for
final review and `commit` by another committer.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/59141#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list