[wp-trac] [WordPress Trac] #21923: Bug with esc_url() and header_image() in custom-header.php
WordPress Trac
wp-trac at lists.automattic.com
Wed Sep 19 10:13:12 UTC 2012
#21923: Bug with esc_url() and header_image() in custom-header.php
-----------------------------+--------------------------
Reporter: v-media | Type: defect (bug)
Status: new | Priority: normal
Milestone: Awaiting Review | Component: General
Version: 3.4.2 | Severity: minor
Keywords: |
-----------------------------+--------------------------
Just found this in custom-header.php, line 514:
... background-image:url(<?php esc_url ( header_image() ) ?>) ...
This will not work as expected, because header_image() echo's a link and
returns nothing.
The issue can be fixed by the following:
... background-image:url(<?php echo esc_url ( get_header_image() ) ?>) ...
p.s. Further investigation shows that header_image() echo's a link without
any escaping, while get_header_image() escapes the url for DB usage. I'm
not sure if echo'ing previously escaped-for-db link is a desired behavior.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/21923>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list