[wp-trac] [WordPress Trac] #32008: Wrapper method for esc_attr
WordPress Trac
noreply at wordpress.org
Fri Apr 24 01:32:15 UTC 2015
#32008: Wrapper method for esc_attr
------------------------------------+------------------------------
Reporter: welcher | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 4.2
Severity: normal | Resolution:
Keywords: has-patch dev-feedback | Focuses:
------------------------------------+------------------------------
Comment (by welcher):
Replying to [comment:2 mordauk]:
> I like this idea. When I first learned about the `esc_attr()` function,
I just assumed that `esc_attr_e()` was the echo version. I'd love to have
an echo version.
@mordauk thanks!
I would like to extend the concept to other functions in the esc_* family
as well. It would be handy to just call `echo_url()` or `echo_html()` and
have the escaping done automatically.
A nice side effect of this is that WordPress developers who may not
understand or know about the importance of escaping/sanitization would
have it done for them.
Given the level of effort to implement this, it's a pretty nice gain from
a security standpoint.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32008#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list