Coding Standards: Use `esc_url()` instead of `esc_attr()` for some URLs.

Follow-up to [2063], [2182], [4656], [6952], [9098], [11109], [11204], [17887], [22505], Props kebbet. See #54728. Built from https://develop.svn.wordpress.org/trunk@52957 git-svn-id: http://core.svn.wordpress.org/trunk@52546 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-19 20:31:12 +00:00 · 2022-03-19 20:31:12 +00:00 · 8cdec43675
parent 280aabee27
commit 8cdec43675
6 changed files with 14 additions and 16 deletions
--- a/wp-admin/includes/class-custom-image-header.php
+++ b/wp-admin/includes/class-custom-image-header.php
@ -651,21 +651,19 @@ class Custom_Image_Header {
 			<?php submit_button( __( 'Upload' ), '', 'submit', false ); ?>
 	</p>
 			<?php
-				$modal_update_href = esc_url(
-					add_query_arg(
-						array(
-							'page' => 'custom-header',
-							'step' => 2,
-							'_wpnonce-custom-header-upload' => wp_create_nonce( 'custom-header-upload' ),
-						),
-						admin_url( 'themes.php' )
-					)
-				);
+			$modal_update_href = add_query_arg(
+				array(
+					'page'                          => 'custom-header',
+					'step'                          => 2,
+					'_wpnonce-custom-header-upload' => wp_create_nonce( 'custom-header-upload' ),
+				),
+				admin_url( 'themes.php' )
+			);
 			?>
 	<p>
 		<label for="choose-from-library-link"><?php _e( 'Or choose an image from your media library:' ); ?></label><br />
 		<button id="choose-from-library-link" class="button"
-			data-update-link="<?php echo esc_attr( $modal_update_href ); ?>"
+			data-update-link="<?php echo esc_url( $modal_update_href ); ?>"
 			data-choose="<?php esc_attr_e( 'Choose a Custom Header' ); ?>"
 			data-update="<?php esc_attr_e( 'Set as header' ); ?>"><?php _e( 'Choose Image' ); ?></button>
 	</p>
--- a/wp-admin/includes/class-wp-comments-list-table.php
+++ b/wp-admin/includes/class-wp-comments-list-table.php
@ -919,7 +919,7 @@ class WP_Comments_List_Table extends WP_List_Table {
 			<textarea class="comment" rows="1" cols="1"><?php echo esc_textarea( $comment_content ); ?></textarea>
 			<div class="author-email"><?php echo esc_attr( $comment->comment_author_email ); ?></div>
 			<div class="author"><?php echo esc_attr( $comment->comment_author ); ?></div>
-			<div class="author-url"><?php echo esc_attr( $comment->comment_author_url ); ?></div>
+			<div class="author-url"><?php echo esc_url( $comment->comment_author_url ); ?></div>
 			<div class="comment_status"><?php echo $comment->comment_approved; ?></div>
 		</div>
 			<?php
--- a/wp-admin/includes/dashboard.php
+++ b/wp-admin/includes/dashboard.php
@ -1690,7 +1690,7 @@ function wp_dashboard_browser_nag() {
 		if ( ! empty( $response['img_src'] ) ) {
 			$img_src = ( is_ssl() && ! empty( $response['img_src_ssl'] ) ) ? $response['img_src_ssl'] : $response['img_src'];

-			$notice           .= '<div class="alignright browser-icon"><img src="' . esc_attr( $img_src ) . '" alt="" /></div>';
+			$notice           .= '<div class="alignright browser-icon"><img src="' . esc_url( $img_src ) . '" alt="" /></div>';
 			$browser_nag_class = ' has-browser-icon';
 		}
 		$notice .= "<p class='browser-update-nag{$browser_nag_class}'>{$msg}</p>";
--- a/wp-includes/media.php
+++ b/wp-includes/media.php
@ -393,7 +393,7 @@ function get_image_tag( $id, $alt, $title, $align, $size = 'medium' ) {
 	 */
 	$class = apply_filters( 'get_image_tag_class', $class, $id, $align, $size );

-	$html = '<img src="' . esc_attr( $img_src ) . '" alt="' . esc_attr( $alt ) . '" ' . $title . $hwstring . 'class="' . $class . '" />';
+	$html = '<img src="' . esc_url( $img_src ) . '" alt="' . esc_attr( $alt ) . '" ' . $title . $hwstring . 'class="' . $class . '" />';

 	/**
 	 * Filters the HTML content for the image tag.
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@ -16,7 +16,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '6.0-alpha-52956';
+$wp_version = '6.0-alpha-52957';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
--- a/wp-links-opml.php
+++ b/wp-links-opml.php
@ -80,7 +80,7 @@ foreach ( (array) $cats as $cat ) :
 		 */
 		$title = apply_filters( 'link_title', $bookmark->link_name );
 		?>
-<outline text="<?php echo esc_attr( $title ); ?>" type="link" xmlUrl="<?php echo esc_attr( $bookmark->link_rss ); ?>" htmlUrl="<?php echo esc_attr( $bookmark->link_url ); ?>" updated="
+<outline text="<?php echo esc_attr( $title ); ?>" type="link" xmlUrl="<?php echo esc_url( $bookmark->link_rss ); ?>" htmlUrl="<?php echo esc_url( $bookmark->link_url ); ?>" updated="
 							<?php
 							if ( '0000-00-00 00:00:00' !== $bookmark->link_updated ) {
 								echo $bookmark->link_updated;}