Added escaping to wp_shortlink_wp_head() too. See #10640 props sirzooro.

git-svn-id: https://develop.svn.wordpress.org/trunk@14207 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Peter Westwood 2010-04-23 21:20:16 +00:00
parent 8d9073103c
commit 6908b105e4
1 changed files with 13 additions and 10 deletions

View File

@ -2199,12 +2199,12 @@ function wp_get_shortlink($id = 0, $context = 'post', $allow_slugs = true) {
* @uses wp_get_shortlink()
*/
function wp_shortlink_wp_head() {
$shortlink = wp_get_shortlink(0, 'query');
$shortlink = wp_get_shortlink( 0, 'query' );
if ( empty($shortlink) )
if ( empty( $shortlink ) )
return;
echo "<link rel='shortlink' href='" . $shortlink . "' />\n";
echo "<link rel='shortlink' href='" . esc_attr( $shortlink ) . "' />\n";
}
/**
@ -2242,19 +2242,22 @@ function wp_shortlink_header() {
* @param string $before Optional HTML to display before the link.
* @param string $before Optional HTML to display after the link.
*/
function the_shortlink($text = '', $title = '', $before = '', $after = '') {
function the_shortlink( $text = '', $title = '', $before = '', $after = '' ) {
global $post;
if ( empty($text) )
if ( empty( $text ) )
$text = __('This is the short link.');
if ( empty($title) )
$title = the_title_attribute( array('echo' => FALSE) );
if ( empty( $title ) )
$title = the_title_attribute( array( 'echo' => FALSE ) );
$shortlink = wp_get_shortlink($post->ID);
$shortlink = wp_get_shortlink( $post->ID );
if ( !empty($shortlink) )
echo "$before<a rel='shortlink' href='$shortlink' title='$title'>$text</a>$after";
if ( !empty( $shortlink ) ) {
$link = '<a rel="shortlink" href="' . esc_attr( $shortlink ) . '" title="' . $title . '">' . $text . '</a>';
$link = apply_filters( 'the_shortlink', $link, $shortlink, $text, $title );
echo $before, $link, $after;
}
}
?>