Some extra XSS protection. Redundant, but we should always escape late! see #11119

git-svn-id: https://develop.svn.wordpress.org/trunk@12169 602fd350-edb4-49c9-b593-d223f7449a82
2009-11-12 02:37:28 +00:00 · 2009-11-12 02:37:28 +00:00 · 292e5394a4
commit 292e5394a4
parent 27da9f3013
1 changed files with 1 additions and 1 deletions
--- a/wp-admin/press-this.php
+++ b/wp-admin/press-this.php
@ -582,7 +582,7 @@ var photostorage = false;
 						echo '<p>';
 						if ( $selection )
 							_e('via ');
-						echo "<a href='$url'>$title</a>.</p>";
+						printf( "<a href='%s'>%s</a>.</p>", esc_url( $url ), esc_html( $title ) );
 					}
 				?></textarea>
 			</div>