[wp-trac] [WordPress Trac] #32233: Improve escaping in /wp-admin/includes/template.php
WordPress Trac
noreply at wordpress.org
Sat May 2 20:04:23 UTC 2015
#32233: Improve escaping in /wp-admin/includes/template.php
-------------------------------------+------------------------------
Reporter: McGuive7 | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version: trunk
Severity: normal | Resolution:
Keywords: has-patch needs-refresh | Focuses: administration
-------------------------------------+------------------------------
Changes (by ocean90):
* keywords: has-patch needs-testing => has-patch needs-refresh
Comment:
Replying to [comment:3 McGuive7]:
> On another point, I'm confused. You say that esc_html_e() should only be
used for translatable strings, and then you go on to say translations
should be considered safe
That was just for the wrong use of `esc_html_e()` for `esc_attr_e( $bytes
)` in your patch.
Core translations are considered as safe because we have a review process
for them. See also the comments on #30724.
Side note: All occurrences of `echo __()` should be replaced with `_e()`.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32233#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list