IntenseWebs/WordPress
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

General: Replace all esc_url_raw() calls in core with sanitize_url().

Browse Source 
This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.

Follow-up to [11383], [13096], [51597], [53452].

Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes #55852.
Built from https://develop.svn.wordpress.org/trunk@53455


git-svn-id: http://core.svn.wordpress.org/trunk@53044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov
2022-06-01 18:14:10 +00:00
parent 3be126b751
commit 01d172b581
37 changed files with 79 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
wp-includes/widgets.php
View File

@@ -1767,7 +1767,7 @@ function wp_widget_rss_process( $widget_rss, $check_feed = true ) {
if ( $items < 1 || 20 < $items ) {
$items = 10;
}
$url = esc_url_raw( strip_tags( $widget_rss['url'] ) );
$url = sanitize_url( strip_tags( $widget_rss['url'] ) );
$title = isset( $widget_rss['title'] ) ? trim( strip_tags( $widget_rss['title'] ) ) : '';
$show_summary = isset( $widget_rss['show_summary'] ) ? (int) $widget_rss['show_summary'] : 0;
$show_author = isset( $widget_rss['show_author'] ) ? (int) $widget_rss['show_author'] : 0;