[wp-trac] [WordPress Trac] #12715: wp_get_nav_menu_item runs esc_html on attributes

WordPress Trac wp-trac at lists.automattic.com
Thu Mar 25 23:55:23 UTC 2010


#12715: wp_get_nav_menu_item runs esc_html on attributes
--------------------------+-------------------------------------------------
 Reporter:  pdclark       |       Owner:                                        
     Type:  defect (bug)  |      Status:  new                                   
 Priority:  normal        |   Milestone:  Unassigned                            
Component:  General       |     Version:  3.0                                   
 Severity:  normal        |    Keywords:  nav menu, nav-menus, navigation, menus
--------------------------+-------------------------------------------------
 In wp-includes/nav-menu-template.php, the function wp_get_nav_menu_item()
 runs esc_html on the attributes passed to the menu in line 155 through
 159.

 The specific attributes are before, after, link_before, and link_after.

 This may be a "feature," not a bug, but below is the use case where I
 consider the use of esc_html to be in error:

 Say I create a menu, and for styling purposes, would like to wrap each
 link in a DIV:


 {{{
 $atts = array(
         'container_class' => 'menu-header',
         'before' => '<div>',
         'after' => '</div>',
         'menu' => '',
 );

 wp_nav_menu( $atts );
 }}}

 Expected output for a link for this would be:
 {{{
 <li><div><a href="#">Link</a></div></li>
 }}}

 Instead, esc_html turns it into:
 {{{
 <li>&lt;div&gt;<a href="#">Link</a>&lt;/div&gt;</li>
 }}}
 Which causes those <div> tags to be output as actual text, rather than
 being used for markup.

 Working around the esc_html gets a bit hacky, with one solution looking
 like this:

 {{{
 $atts = array(
         'container_class' => 'menu-header',
         'echo' => false,
         'before' => '%div%',
         'after' => '%/div%',
         'menu' => '',
  );

 wp_nav_menu( $atts );
 $menu = str_replace(
         array( '%div%', '%/div%',),
         array( '<div>', '</div>',),
         $menu
 );

 echo $menu;
 }}}

 It seems to me that it might make more sense to apply esc_html via a
 filter, so it can be added or removed in a more standard way, or to do
 away with it all together, assuming that the before and after attributes
 are going to often be used for HTML markup.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/12715>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list