Context Navigation

← Previous Ticket
Next Ticket →

#4222 closed defect (bug) (invalid)

Use wordpress default function and escaping function.

Reported by:	BharatKambariya	Owned by:
Milestone:		Priority:	normal
Component:	General	Keywords:	has-patch
Cc:

Description

I have updated wp_parse_url() instead of parse_url(), added escaping function for better security purpose.

Attachments (1)

#4222.diff (848 bytes) - added by BharatKambariya 4 years ago.

Download all attachments as: .zip

Change History (2)

@BharatKambariya
4 years ago

Attachment #4222.diff added

#1 @dd32
4 years ago

Resolution set to invalid
Status changed from new to closed

The use of wp_parse_url() isn't required here - just because WordPress has a wrapper for it to account for bugs in older PHP, doesn't mean it should always be used.

get_the_title() doesn't need to be HTML escaped here either, and may intentionally return HTML.

For future patches, can you also please ensure that the patch file contains the path to the file, or mention what project the patch applies to, as we have a lot of similar files over many different themes, thankfully this particular one had a unique filename/textdomain though.

Note: See TracTickets for help on using tickets.

Trac UI Preferences

Download in other formats:

Making WordPress.org