[wp-trac] [WordPress Trac] #56110: Need to use esc_html__ escaping function

WordPress Trac noreply at wordpress.org
Thu Jun 30 13:11:00 UTC 2022

#56110: Need to use esc_html__ escaping function
 Reporter:  kartikpatel                  |       Owner:  (none)
     Type:  defect (bug)                 |      Status:  new
 Priority:  normal                       |   Milestone:  Awaiting Review
Component:  Administration               |     Version:  trunk
 Severity:  normal                       |  Resolution:
 Keywords:  has-patch close 2nd-opinion  |     Focuses:
Changes (by SergeyBiryukov):

 * keywords:  has-patch => has-patch close 2nd-opinion


 Hi there, welcome back to WordPress Trac! Thanks for the ticket and the

 Core translations are considered safe because we have a review process for
 them, see #42639 and the discussion in #30724. (Also related: #32233,

 In WordPress core and older bundled themes, strings are generally only
 escaped in attributes or in `<option>` tags. However, this was recently
 reconsidered for newer bundled themes, see comment:5:ticket:54127.

 Some other related tickets: #47384, #47385, #49535, #49536, #49537.

 The `$blog_prefix` and `$prefix` values here are [source:tags/6.0/src/wp-
 admin/options-permalink.php?marks=76-90#L75 hardcoded and not user-
 editable], so it's not quite clear why they should be escaped.

Ticket URL: <https://core.trac.wordpress.org/ticket/56110#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list