[theme-reviewers] home_url('/') VS esc_url(home_url('/')) Clarification

Justin Tadlock justin at justintadlock.com
Thu Sep 12 19:59:30 UTC 2013 

`esc_url()` is also filterable via the `clean_url` hook. :)

On 9/12/2013 2:56 PM, Kirk Wight wrote:
> Note that get_home_url() (which is used by home_url()) is filterable, 
> so technically we have no idea what's going to come through; using 
> esc_url(), even if not required, will always be a good idea.
>
>
> On 12 September 2013 15:30, Zulfikar Nore <zulfikarnore at live.com 
> <mailto:zulfikarnore at live.com>> wrote:
>
>     Thanks for the clarification Chip - Noted :)
>
>     ------------------------------------------------------------------------
>     Date: Thu, 12 Sep 2013 14:32:55 -0400
>     From: chip at chipbennett.net <mailto:chip at chipbennett.net>
>     To: theme-reviewers at lists.wordpress.org
>     <mailto:theme-reviewers at lists.wordpress.org>
>     Subject: Re: [theme-reviewers] home_url('/') VS
>     esc_url(home_url('/')) Clarification
>
>
>     I would consider it as *recommended*, since home_url() isn't
>     explicitly user-configurable. At the very least, if it's
>     considered as *required*, then it is minor enough to leave until
>     the next revision.
>
>
>     On Thu, Sep 12, 2013 at 2:30 PM, Zulfikar Nore
>     <zulfikarnore at live.com <mailto:zulfikarnore at live.com>> wrote:
>
>         As this page:
>         http://make.wordpress.org/themes/guidelines/guidelines-theme-security-and-privacy/ has
>         since changed I thought I'd ask just to be clear I understand
>         the requirements.
>
>         Is esc_url for home_url a requirement or recommended? This
>         page: http://codex.wordpress.org/Data_Validation does not
>         state explicitly that it is a requirement.
>
>         So if its a requirement - is it a must fix requirement or can
>         it be a fix in next revision requirement?
>
>         Thanks in advance,
>         Zulf
>
>         _______________________________________________
>         theme-reviewers mailing list
>         theme-reviewers at lists.wordpress.org
>         <mailto:theme-reviewers at lists.wordpress.org>
>         http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
>
>     _______________________________________________ theme-reviewers
>     mailing list theme-reviewers at lists.wordpress.org
>     <mailto:theme-reviewers at lists.wordpress.org>
>     http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>     _______________________________________________
>     theme-reviewers mailing list
>     theme-reviewers at lists.wordpress.org
>     <mailto:theme-reviewers at lists.wordpress.org>
>     http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20130912/92cf3d1c/attachment-0001.html>

More information about the theme-reviewers mailing list