[wp-trac] [WordPress Trac] #17562: esc_url() printed by the_permalink()
WordPress Trac
wp-trac at lists.automattic.com
Tue Nov 15 02:59:42 UTC 2011
#17562: esc_url() printed by the_permalink()
---------------------------------+-----------------------------
Reporter: mfields | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Future Release
Component: Template | Version: 3.2
Severity: normal | Resolution:
Keywords: has-patch 3.4-early |
---------------------------------+-----------------------------
Changes (by nacin):
* keywords: has-patch dev-feedback => has-patch 3.4-early
* milestone: Awaiting Review => Future Release
Comment:
In themes I've recently worked on, I've been adding `add_filter(
'the_permalink', 'esc_url' );`. This is a pretty obvious change. Let's add
this in 3.4-early.
Ultimately, it will cause some issues, but it will be rare: A)
htmlspecialchars() is used, rather than esc_url() or nothing, and B) the
URL actually has something to be encoded, which is not particularly common
at least regarding ampersands.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/17562#comment:6>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list