IntenseWebs/WordPress
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

General: Replace all esc_url_raw() calls in core with sanitize_url().

Browse Source 
This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.

Follow-up to [11383], [13096], [51597], [53452].

Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes #55852.
Built from https://develop.svn.wordpress.org/trunk@53455


git-svn-id: http://core.svn.wordpress.org/trunk@53044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov
2022-06-01 18:14:10 +00:00
parent 3be126b751
commit 01d172b581
37 changed files with 79 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
wp-includes/theme.php
View File

@@ -1179,7 +1179,7 @@ function get_header_image() {
$url = get_random_header_image();
}
return esc_url_raw( set_url_scheme( $url ) );
return sanitize_url( set_url_scheme( $url ) );
}
/**
@@ -1428,7 +1428,7 @@ function get_uploaded_header_images() {
}
foreach ( (array) $headers as $header ) {
$url = esc_url_raw( wp_get_attachment_url( $header->ID ) );
$url = sanitize_url( wp_get_attachment_url( $header->ID ) );
$header_data = wp_get_attachment_metadata( $header->ID );
$header_index = $header->ID;
@@ -1589,7 +1589,7 @@ function get_header_video_url() {
return false;
}
return esc_url_raw( set_url_scheme( $url ) );
return sanitize_url( set_url_scheme( $url ) );
}
/**
@@ -1806,7 +1806,7 @@ function _custom_background_cb() {
$style = $color ? "background-color: #$color;" : '';
if ( $background ) {
$image = ' background-image: url("' . esc_url_raw( $background ) . '");';
$image = ' background-image: url("' . sanitize_url( $background ) . '");';
// Background Position.
$position_x = get_theme_mod( 'background_position_x', get_theme_support( 'custom-background', 'default-position-x' ) );
@@ -2146,7 +2146,7 @@ function get_editor_stylesheets() {
// Support externally referenced styles (like, say, fonts).
foreach ( $editor_styles as $key => $file ) {
if ( preg_match( '~^(https?:)?//~', $file ) ) {
$stylesheets[] = esc_url_raw( $file );
$stylesheets[] = sanitize_url( $file );
unset( $editor_styles[ $key ] );
}
}