[wp-trac] [WordPress Trac] #17923: add_query_arg() should encode values
WordPress Trac
noreply at wordpress.org
Fri Feb 14 04:26:37 UTC 2014
#17923: add_query_arg() should encode values
---------------------------------+-----------------------------
 Reporter:  Viper007Bond         |        Owner:
     Type:  defect (bug)         |       Status:  new
 Priority:  normal               |    Milestone:  Future Release
Component:  General              |      Version:  3.2
 Severity:  normal               |   Resolution:
 Keywords:  has-patch 3.6-early  |      Focuses:
---------------------------------+-----------------------------
Comment (by Viper007Bond):
I keep running into this issue, especially when trying to harden security.
You have to be really careful with this function if you don't want to
create bad stuff.
Maybe a better solution is to just introduce a new function, such as
`add_encoded_query_arg()` that encodes and then calls `add_query_arg()`.
That way we don't have to worry about passing yet another argument,
especially when we would otherwise only pass 2 arguments. This also has
the advantage of being able to deprecate `add_query_arg()` down the road
if we so wish.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/17923#comment:22>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
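
One way the wrapper proposed in the comment above could look, as an added example that is not code from the ticket, its patch, or WordPress core. It assumes WordPress is loaded so that `add_query_arg()` and `esc_url()` exist; the helper `example_encode_query_value()`, the sample URL and the sample input are hypothetical.

```php
<?php
// Added example: assumes it runs inside WordPress (e.g. from a plugin file).

// Encode one value for use in a query string. Boolean false is passed
// through untouched because add_query_arg() treats it as "remove this key".
function example_encode_query_value( $value ) {
	if ( false === $value ) {
		return false;
	}
	if ( is_array( $value ) ) {
		// array_map() keeps the keys, so nested arguments stay nested.
		return array_map( 'example_encode_query_value', $value );
	}
	return rawurlencode( (string) $value );
}

// Hypothetical add_encoded_query_arg(): same call forms as add_query_arg(),
// but every value is encoded before it is handed over. Keys are left alone.
function add_encoded_query_arg( ...$args ) {
	if ( isset( $args[0] ) && is_array( $args[0] ) ) {
		// Form: add_encoded_query_arg( array( 'key' => 'value' ), $url )
		$args[0] = array_map( 'example_encode_query_value', $args[0] );
	} elseif ( count( $args ) >= 2 ) {
		// Form: add_encoded_query_arg( 'key', 'value', $url )
		$args[1] = example_encode_query_value( $args[1] );
	}
	return add_query_arg( ...$args );
}

// Constructed input: a value that carries query-string metacharacters.
$untrusted = 'shoes&role=admin#top';
$base      = 'https://example.com/search';

// Unencoded: the "&" and "#" in the value end up as URL structure,
// so the result carries a second parameter the caller never asked for.
$raw = add_query_arg( 'q', $untrusted, $base );

// Encoded first: the whole string stays inside the single "q" parameter.
$safe = add_encoded_query_arg( 'q', $untrusted, $base );

// Encoding the value does not replace output escaping when printing the URL.
echo esc_url( $safe );
```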