[theme-reviewers] home_url('/') VS esc_url(home_url('/')) Clarification
Justin Tadlock
justin at justintadlock.com
Thu Sep 12 20:09:01 UTC 2013
The `clean_url()` function is deprecated. The `clean_url` filter hook
was carried over and used within `esc_url()`.
On 9/12/2013 3:02 PM, Emil Uzelac wrote:
> isn't clean_urldeprecated
> <http://codex.wordpress.org/Function_Reference/clean_url> and aren't
> we suppose to use esc_url()instead?
>
>
> On Thu, Sep 12, 2013 at 2:59 PM, Justin Tadlock
> <justin at justintadlock.com <mailto:justin at justintadlock.com>> wrote:
>
> `esc_url()` is also filterable via the `clean_url` hook. :)
>
>
> On 9/12/2013 2:56 PM, Kirk Wight wrote:
>> Note that get_home_url() (which is used by home_url()) is
>> filterable, so technically we have no idea what's going to come
>> through; using esc_url(), even if not required, will always be a
>> good idea.
>>
>>
>> On 12 September 2013 15:30, Zulfikar Nore <zulfikarnore at live.com
>> <mailto:zulfikarnore at live.com>> wrote:
>>
>> Thanks for the clarification Chip - Noted :)
>>
>> ------------------------------------------------------------------------
>> Date: Thu, 12 Sep 2013 14:32:55 -0400
>> From: chip at chipbennett.net <mailto:chip at chipbennett.net>
>> To: theme-reviewers at lists.wordpress.org
>> <mailto:theme-reviewers at lists.wordpress.org>
>> Subject: Re: [theme-reviewers] home_url('/') VS
>> esc_url(home_url('/')) Clarification
>>
>>
>> I would consider it as *recommended*, since home_url() isn't
>> explicitly user-configurable. At the very least, if it's
>> considered as *required*, then it is minor enough to leave
>> until the next revision.
>>
>>
>> On Thu, Sep 12, 2013 at 2:30 PM, Zulfikar Nore
>> <zulfikarnore at live.com <mailto:zulfikarnore at live.com>> wrote:
>>
>> As this page:
>> http://make.wordpress.org/themes/guidelines/guidelines-theme-security-and-privacy/ has
>> since changed I thought I'd ask just to be clear I
>> understand the requirements.
>>
>> Is esc_url for home_url a requirement or recommended?
>> This page:
>> http://codex.wordpress.org/Data_Validation does not state
>> explicitly that it is a requirement.
>>
>> So if its a requirement - is it a must fix requirement or
>> can it be a fix in next revision requirement?
>>
>> Thanks in advance,
>> Zulf
>>
>> _______________________________________________
>> theme-reviewers mailing list
>> theme-reviewers at lists.wordpress.org
>> <mailto:theme-reviewers at lists.wordpress.org>
>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>
>>
>>
>> _______________________________________________
>> theme-reviewers mailing list
>> theme-reviewers at lists.wordpress.org
>> <mailto:theme-reviewers at lists.wordpress.org>
>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>
>> _______________________________________________
>> theme-reviewers mailing list
>> theme-reviewers at lists.wordpress.org
>> <mailto:theme-reviewers at lists.wordpress.org>
>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>
>>
>>
>>
>> _______________________________________________
>> theme-reviewers mailing list
>> theme-reviewers at lists.wordpress.org <mailto:theme-reviewers at lists.wordpress.org>
>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> <mailto:theme-reviewers at lists.wordpress.org>
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20130912/34a8732f/attachment.html>
More information about the theme-reviewers
mailing list