-
Notifications
You must be signed in to change notification settings - Fork 277
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updating URL escaping function. #2
Conversation
`esc_url()` should be used for `src` attributes instead of `esc_attr()`
Thanks for your pull request. It looks like this may be your first contribution to a Google open source project (if not, look below for help). Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please visit https://cla.developers.google.com/ to sign. Once you've signed (or fixed any issues), please reply here (e.g. What to do if you already signed the CLAIndividual signers
Corporate signers
ℹ️ Googlers: Go here for more info. |
Closing: Not worth signing the CLA over this 🤷♂️ |
No worries @emrikol, we'll try to fix this issue nonetheless. |
@googlebot @swissspidy |
@sviluppomania if the CLA is not signed by the author we cannot merge pull requests. However, this definitely encourages us to audit existing escaping functions and to potentially improve the code base in this regard. |
esc_url()
should be used forsrc
attributes instead ofesc_attr()
Summary
This PR can be summarized in the following changelog entry:
Addresses issue #
Relevant technical choices
Checklist: