[wp-trac] [WordPress Trac] #54362: Wrong Escaping Function
WordPress Trac
noreply at wordpress.org
Fri Dec 3 05:46:27 UTC 2021
#54362: Wrong Escaping Function
-------------------------------------+-----------------------------
Reporter: chintan1896 | Owner: (none)
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: 6.0
Component: Plugins | Version: trunk
Severity: normal | Resolution:
Keywords: has-patch needs-refresh | Focuses: administration
-------------------------------------+-----------------------------
Changes (by SergeyBiryukov):
* keywords: has-patch 2nd-opinion dev-feedback => has-patch needs-refresh
* focuses: => administration
* component: General => Plugins
* milestone: Awaiting Review => 6.0
Comment:
Thanks for the patch!
As noted above, we can add `esc_url()` here, but the `__()` call should
not be removed to allow for the URL to be translated. So I think something
like this should work here:
{{{
<?php echo esc_url( __( 'https://wordpress.org/plugins/' ) . $api->slug );
?>
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/54362#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list