[wp-trac] [WordPress Trac] #58831: Coding Standards fixes for WP 6.4
WordPress Trac
noreply at wordpress.org
Wed Sep 20 09:46:07 UTC 2023
#58831: Coding Standards fixes for WP 6.4
--------------------------------------+-------------------------------
Reporter: audrasjb | Owner: (none)
Type: task (blessed) | Status: new
Priority: normal | Milestone: 6.4
Component: General | Version:
Severity: normal | Resolution:
Keywords: has-patch has-unit-tests | Focuses: coding-standards
--------------------------------------+-------------------------------
Comment (by SergeyBiryukov):
In [changeset:"56633" 56633]:
{{{
#!CommitTicketReference repository="" revision="56633"
Coding Standards: Escape the whole attribute in `wp-admin/export.php`.
It is best to always escape the complete value of an attribute, not a
partial value, as otherwise the escaping could be (partially) undone when
the values are joined together.
While the hardcoded hyphen in this case don't necessarily create that
risk, it may change to a value which could be problematic, so making it a
habit to escape the value in one go is best practice.
Escaping the complete value also means that a single `esc_attr()` call can
be used instead of two.
Follow-up to [14444], [16652], [55616], [56632].
See #58831.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/58831#comment:54>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list