[wp-trac] [WordPress Trac] #41921: add esc_html before the admin title display
WordPress Trac
noreply at wordpress.org
Tue Apr 30 14:17:20 UTC 2019
#41921: add esc_html before the admin title display
------------------------------+------------------------------
Reporter: lalitpendhare | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version:
Severity: normal | Resolution:
Keywords: has-patch commit | Focuses:
------------------------------+------------------------------
Changes (by andraganescu):
* keywords: has-patch => has-patch commit
Comment:
@SergeyBiryukov the reason is that the title passes through a filter and
it might undo the effect of the esc_html above. Whenever there is such a
possibility all throughout the codebase esc_html is used right at output
time, like in this patch., therefore I think this is a good patch.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/41921#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list