[wp-trac] [WordPress Trac] #29127: Bundled Themes: fix escaping and minor code style issues
WordPress Trac
noreply at wordpress.org
Thu Aug 7 02:52:34 UTC 2014
#29127: Bundled Themes: fix escaping and minor code style issues
-------------------------------------+-----------------------------
Reporter: lancewillett | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Future Release
Component: Bundled Theme | Version:
Severity: normal | Resolution:
Keywords: has-patch needs-testing | Focuses:
-------------------------------------+-----------------------------
Comment (by lancewillett):
Replying to [comment:4 obenland]:
> * Can we move the definition of `$style` to the top of the function?
> * In `header.php`: Adding `esc_url()` around `header_image()` will not
work, as it echoes its content.
> * In `category.php`: Using `esc_html()` around the category description
might break things.
Fixed.
> * Do we allow HTML in the site description? If we do, using `esc_html()`
around the site description might break things.
Fixed. We do not allow HTML, and it's escaped with {{{esc_html()}}}
already: see https://core.trac.wordpress.org/browser/trunk/src/wp-
includes/formatting.php#L3303
--
Ticket URL: <https://core.trac.wordpress.org/ticket/29127#comment:6>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list