Skip to content

Commit

Permalink
Output escaping: Replace attribute keys escaping from esc_html to san…
Browse files Browse the repository at this point in the history 
…itize_key

See also: WordPress/WordPress-Coding-Standards#1786
  • Loading branch information
@igorschoester
igorschoester committed Aug 2, 2019
1 parent 164f41f commit 921b5a0
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion admin/views/class-yoast-form-fieldset.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -175,6 +175,6 @@ private function get_attributes_html( $attributes ) {
* @param string $attribute The attribute to look for.
*/
private function parse_attribute( & $value, $attribute ) {
$value = sprintf( '%s="%s"', esc_html( $attribute ), esc_attr( $value ) );
$value = sprintf( '%s="%s"', sanitize_key( $attribute ), esc_attr( $value ) );
}
}
2 changes: 1 addition & 1 deletion admin/views/class-yoast-input-select.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -135,6 +135,6 @@ private function get_attributes() {
* @param string $attribute The attribute to look for.
*/
private function parse_attribute( & $value, $attribute ) {
$value = sprintf( '%s="%s"', esc_html( $attribute ), esc_attr( $value ) );
$value = sprintf( '%s="%s"', sanitize_key( $attribute ), esc_attr( $value ) );
}
}

0 comments on commit 921b5a0

Please sign in to comment.