[wp-trac] [WordPress Trac] #32816: No or inadequate Custom Link URL validation
WordPress Trac
noreply at wordpress.org
Sun Dec 11 19:07:37 UTC 2016
#32816: No or inadequate Custom Link URL validation
-------------------------------------------------+-------------------------
Reporter: JanR | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: 4.8
Component: Customize | Version: 4.3
Severity: normal | Resolution:
Keywords: good-first-bug needs-testing needs- | Focuses: ui,
patch | javascript
-------------------------------------------------+-------------------------
Comment (by westonruter):
@Presskopp This problem shouldn't be evident here because there is a
whitelist of `$protocols` (`wp_allowed_protocols()`) that `esc_url_raw()`
will allow.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32816#comment:18>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list