Validate good times, come on. Props Viper007Bond. fixes #3113

git-svn-id: https://develop.svn.wordpress.org/trunk@4169 602fd350-edb4-49c9-b593-d223f7449a82
2026-06-28 14:20:15 +00:00 · 2006-09-07 17:28:29 +00:00
parent fbb3c673d7
commit 8941e0dfbe
5 changed files with 12 additions and 8 deletions
--- a/wp-admin/page.php
+++ b/wp-admin/page.php
@@ -57,7 +57,7 @@ case 'edit':
 	?>
 	<div id='preview' class='wrap'>
 	<h2 id="preview-post"><?php _e('Page Preview (updated when page is saved)'); ?> <small class="quickjump"><a href="#write-post"><?php _e('edit &uarr;'); ?></a></small></h2>
-		<iframe src="<?php echo apply_filters('preview_page_link', add_query_arg('preview', 'true', get_permalink($post->ID))); ?>" width="100%" height="600" ></iframe>
+		<iframe src="<?php echo wp_specialchars(apply_filters('preview_page_link', add_query_arg('preview', 'true', get_permalink($post->ID)))); ?>" width="100%" height="600" ></iframe>
 	</div>
 	<?php
 	break;