To improve troubleshooting use `esc_html()` for a failed embed.

see #28195. git-svn-id: https://develop.svn.wordpress.org/trunk@29354 602fd350-edb4-49c9-b593-d223f7449a82
2014-08-01 22:33:55 +00:00 · 2014-08-01 22:33:55 +00:00 · 54faec35e4
parent 6d656e7880
commit 54faec35e4
1 changed files with 3 additions and 3 deletions
--- a/src/wp-admin/includes/ajax-actions.php
+++ b/src/wp-admin/includes/ajax-actions.php
@ -2655,7 +2655,7 @@ function wp_ajax_parse_embed() {
 	if ( ! $parsed ) {
 		wp_send_json_error( array(
 			'type' => 'not-embeddable',
-			'message' => sprintf( __( '%s failed to embed.' ), '<code>' . esc_url( $url ) . '</code>' ),
+			'message' => sprintf( __( '%s failed to embed.' ), '<code>' . esc_html( $url ) . '</code>' ),
 		) );
 	}

@ -2685,7 +2685,7 @@ function wp_ajax_parse_embed() {
 		// Admin is ssl and the embed is not. Iframes, scripts, and other "active content" will be blocked.
 		wp_send_json_error( array(
 			'type' => 'not-ssl',
-			'message' => sprintf( __( 'Preview not available. %s cannot be embedded securely.' ), '<code>' . esc_url( $url ) . '</code>' ),
+			'message' => sprintf( __( 'Preview not available. %s cannot be embedded securely.' ), '<code>' . esc_html( $url ) . '</code>' ),
 		) );
 	}

@ -2723,4 +2723,4 @@ function wp_ajax_parse_media_shortcode() {
 	}

 	wp_send_json_success( ob_get_clean() );
-}
+}