[theme-reviewers] esc_url() for all links?
Emil Uzelac
emil at uzelac.me
Sat Aug 30 04:51:01 UTC 2014
esc_url will check first and clean when needed:
https://core.trac.wordpress.org/browser/tags/3.9.2/src/wp-includes/formatting.php#L2875
.
Related and also to append on my previous messages:
https://core.trac.wordpress.org/changeset/23527/trunk
See:
- https://core.trac.wordpress.org/ticket/20771
- http://codex.wordpress.org/Data_Validation
Otto or Justin are more suitable to answer in details :)
On Fri, Aug 29, 2014 at 10:54 PM, Dane Morgan <dane at danemorganmedia.com>
wrote:
> Is there a list somewhere of what is an is not escaped?
>
> What happens if you escape something that is already escaped? Nothing
> horrible, right?
>
>
> Zack Tollman wrote:
>
> It's SO not escaped.
>
>
> --
> Sent with Postbox <http://www.getpostbox.com>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20140829/d1ad8f67/attachment.html>
More information about the theme-reviewers
mailing list