vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2025-10-16 12:05:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

General: Replace two esc_url_raw() calls in core with sanitize_url().

Browse Source 
This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.

This replaces the two remaining instances of `esc_url_raw()` with `sanitize_url()` in WordPress core.

Follow-up to [53455], [53933], [54522].

Props rajinsharwar, SergeyBiryukov.
Fixes #59247.

git-svn-id: https://develop.svn.wordpress.org/trunk@56494 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Colin Stewart 2023-08-30 20:23:18 +00:00
parent 973b4565ee
commit bc92bb0cba
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/wp-includes/functions.php
View File

@ -3613,7 +3613,7 @@ function wp_nonce_ays( $action ) {
if ( wp_get_referer() ) {
$wp_http_referer = remove_query_arg( 'updated', wp_get_referer() );
$wp_http_referer = wp_validate_redirect( esc_url_raw( $wp_http_referer ) );
$wp_http_referer = wp_validate_redirect( sanitize_url( $wp_http_referer ) );
$html .= '</p><p>';
$html .= sprintf(

2
src/wp-includes/update.php
View File

@ -754,7 +754,7 @@ function wp_update_themes( $extra_stats = array() ) {
continue;
}
$hostname = wp_parse_url( esc_url_raw( $theme_data['UpdateURI'] ), PHP_URL_HOST );
$hostname = wp_parse_url( sanitize_url( $theme_data['UpdateURI'] ), PHP_URL_HOST );
/**
* Filters the update response for a given theme hostname.