Use ENT_QUOTES in esc_textarea() in case someone uses it in a value='' situation by accident. see #15454
git-svn-id: http://svn.automattic.com/wordpress/trunk@16993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
a189f21c45
commit
49c11dc768
|
@ -2368,7 +2368,7 @@ function esc_attr( $text ) {
|
|||
* @return string
|
||||
*/
|
||||
function esc_textarea( $text ) {
|
||||
$safe_text = htmlspecialchars( $text );
|
||||
$safe_text = htmlspecialchars( $text, ENT_QUOTES );
|
||||
return apply_filters( 'esc_textarea', $safe_text, $text );
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue