mirror_php/wordpress
1
0
Fork 0
mirror of git://develop.git.wordpress.org/ synced 2025-03-21 12:29:53 +01:00
Code Issues Actions 12 Packages Projects Releases Wiki Activity

Themes: Use esc_url() for theme screenshots on the Themes screen.

Browse Source 
This brings consistency with how screenshots are escaped elsewhere.

Follow-up to [52020], [52947].

See #53370.

git-svn-id: https://develop.svn.wordpress.org/trunk@52949 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Sergey Biryukov 2022-03-18 13:42:34 +00:00
parent 7222112803
commit 22167a2d80
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/wp-admin/themes.php
View File

@ -388,7 +388,7 @@ foreach ( $themes as $theme ) :
<div class="theme<?php echo $active_class; ?>">
<?php if ( ! empty( $theme['screenshot'][0] ) ) { ?>
<div class="theme-screenshot">
<img src="<?php echo esc_attr( $theme['screenshot'][0] . '?ver=' . $theme['version'] ); ?>" alt="" />
<img src="<?php echo esc_url( $theme['screenshot'][0] . '?ver=' . $theme['version'] ); ?>" alt="" />
</div>
<?php } else { ?>
<div class="theme-screenshot blank"></div>