[wp-trac] [WordPress Trac] #54362: Wrong Escaping Function
WordPress Trac
noreply at wordpress.org
Mon Nov 15 18:14:05 UTC 2021
#54362: Wrong Escaping Function
------------------------------------------------+--------------------------
Reporter: chintan1896 | Owner: (none)
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: Awaiting
| Review
Component: General | Version: trunk
Severity: normal | Resolution:
Keywords: has-patch 2nd-opinion dev-feedback | Focuses:
------------------------------------------------+--------------------------
Changes (by henry.wright):
* keywords: has-patch => has-patch 2nd-opinion dev-feedback
Comment:
The {{{src}}} attribute value should be escaped. I understand the need to
allow translators to change the URL to a different language but a better
approach would be to make the URL filterable.
My proposal is this
1. Make the URL filterable and then
2. Escape the {{{src}}} attribute value
--
Ticket URL: <https://core.trac.wordpress.org/ticket/54362#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list