[wp-trac] [WordPress Trac] #53349: Added esc_attr in Edit Comment Form Field
WordPress Trac
noreply at wordpress.org
Mon Jun 7 18:46:11 UTC 2021
#53349: Added esc_attr in Edit Comment Form Field
--------------------------+-----------------------------------------------
Reporter: utsav72640 | Owner: SergeyBiryukov
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 5.8
Component: Comments | Version:
Severity: normal | Resolution: fixed
Keywords: has-patch | Focuses: administration, coding-standards
--------------------------+-----------------------------------------------
Changes (by SergeyBiryukov):
* owner: (none) => SergeyBiryukov
* status: new => closed
* resolution: => fixed
Comment:
In [changeset:"51080" 51080]:
{{{
#!CommitTicketReference repository="" revision="51080"
Comments: Escape comment author's email in the Edit Comment form.
Technically, this is redundant, as the `comment_author`,
`comment_author_email`, and `comment_author_url` fields are already
escaped via `get_comment_to_edit()` before the form is displayed.
However, this brings some consistency with the `comment_author` and
`comment_author_url` fields being escaped in the same form.
Follow-up to [11721].
Props utsav72640.
Fixes #53349.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/53349#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list