sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Twenty Ten: correct attribute escaping in the attachment template. Props philiparthurmoore, see #28251. 

git-svn-id: https://develop.svn.wordpress.org/trunk@28463 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Lance Willett 2014-05-16 22:43:31 +00:00
parent a6129f5ea3
commit c338a15b1f
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/wp-content/themes/twentyten/loop-attachment.php
View File

@ -18,7 +18,7 @@
<?php if ( have_posts() ) while ( have_posts() ) : the_post(); ?>
<?php if ( ! empty( $post->post_parent ) ) : ?>
<p class="page-title"><a href="<?php echo get_permalink( $post->post_parent ); ?>" title="<?php echo esc_attr( sprintf( __( 'Return to %s', 'twentyten' ), strip_tags( get_the_title( $post->post_parent ) ) ) ); ?>" rel="gallery"><?php
<p class="page-title"><a href="<?php echo esc_url( get_permalink( $post->post_parent ) ); ?>" title="<?php echo esc_attr( sprintf( __( 'Return to %s', 'twentyten' ), strip_tags( get_the_title( $post->post_parent ) ) ) ); ?>" rel="gallery"><?php
/* translators: %s - title of parent post */
printf( __( '<span class="meta-nav">&larr;</span> %s', 'twentyten' ), get_the_title( $post->post_parent ) );
?></a></p>
@ -52,7 +52,7 @@
$metadata = wp_get_attachment_metadata();
printf( __( 'Full size is %s pixels', 'twentyten' ),
sprintf( '<a href="%1$s" title="%2$s">%3$s &times; %4$s</a>',
wp_get_attachment_url(),
esc_url( wp_get_attachment_url() ),
esc_attr( __( 'Link to full-size image', 'twentyten' ) ),
$metadata['width'],
$metadata['height']
@ -85,7 +85,7 @@
$next_attachment_url = wp_get_attachment_url();
}
?>
<p class="attachment"><a href="<?php echo $next_attachment_url; ?>" title="<?php the_title_attribute(); ?>" rel="attachment"><?php
<p class="attachment"><a href="<?php echo esc_url( $next_attachment_url ); ?>" title="<?php the_title_attribute(); ?>" rel="attachment"><?php
/**
* Filter the Twenty Ten default attachment width.
*
@ -110,7 +110,7 @@
<div class="nav-next"><?php next_image_link( false ); ?></div>
</div><!-- #nav-below -->
<?php else : ?>
<a href="<?php echo wp_get_attachment_url(); ?>" title="<?php the_title_attribute(); ?>" rel="attachment"><?php echo basename( get_permalink() ); ?></a>
<a href="<?php echo esc_url( wp_get_attachment_url() ); ?>" title="<?php the_title_attribute(); ?>" rel="attachment"><?php echo basename( get_permalink() ); ?></a>
<?php endif; ?>
</div><!-- .entry-attachment -->
<div class="entry-caption"><?php if ( !empty( $post->post_excerpt ) ) the_excerpt(); ?></div>