[wp-trac] [WordPress Trac] #58251: Escaping issue found while echoing attribute's dynamic value in html attribute.
WordPress Trac
noreply at wordpress.org
Sat May 6 07:07:51 UTC 2023
#58251: Escaping issue found while echoing attribute's dynamic value in html
attribute.
---------------------------+-------------------------------
Reporter: madhusudandev | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Toolbar | Version:
Severity: normal | Resolution:
Keywords: has-patch | Focuses: coding-standards
---------------------------+-------------------------------
Comment (by nazmulhudadev):
Hi @audrasjb and @SergeyBiryukov,
Thanks to both of you for helpful comments.
I also think same as @SergeyBiryukov, that it is a good idea to escape
anything that is a variable. I follow that approach and that is why I've
added the suggestion to escape the variable $class.
I appreciate the insights and suggestions, and I'm open to further
feedback to improve my code.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/58251#comment:15>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list