[theme-reviewers] esc_url() for all links?
Emil Uzelac
emil at uzelac.me
Fri Aug 29 23:31:24 UTC 2014
And get_permalink does not need one, because it already exist here:
https://core.trac.wordpress.org/browser/tags/3.9.2/src/wp-includes/link-template.php#L0
On Fri, Aug 29, 2014 at 6:30 PM, Emil Uzelac <emil at uzelac.me> wrote:
> Needs an escape and trailingslash as well
> http://codex.wordpress.org/Function_Reference/home_url
>
> <?php echo esc_url( home_url( '/' ) ); ?>
>
>
> On Fri, Aug 29, 2014 at 6:26 PM, Yentl Bresseleers <hello at design311.com>
> wrote:
>
>> Why doesn't home_url() does it for you then?On 30/08/2014 01:25, Tom
>> wrote:
>>
>>> I believe get_permalink() does it for you.
>>>
>>> -----Original Message-----
>>> From: theme-reviewers [mailto:theme-reviewers-
>>> bounces at lists.wordpress.org]
>>> On Behalf Of Yentl Bresseleers
>>> Sent: Friday, August 29, 2014 4:24 PM
>>> To: Discussion list for WordPress theme reviewers.
>>> Subject: [theme-reviewers] esc_url() for all links?
>>>
>>> Themes are required to escape all untrusted links before output using
>>>> esc_url(). Escape home_url() in header.php and other similar links
>>>> used elsewhere.
>>>>
>>> Does that mean we have to pass all links through esc_url()? Even
>>> the_permalink()?
>>>
>>> echo esc_url(get_permalink());
>>>
>>> Rather than:
>>>
>>> the_permalink() ?
>>> _______________________________________________
>>> theme-reviewers mailing list
>>> theme-reviewers at lists.wordpress.org
>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>
>>> _______________________________________________
>>> theme-reviewers mailing list
>>> theme-reviewers at lists.wordpress.org
>>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>>
>>
>> _______________________________________________
>> theme-reviewers mailing list
>> theme-reviewers at lists.wordpress.org
>> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20140829/c22a63f1/attachment.html>
More information about the theme-reviewers
mailing list