From aa842e13b19f3eeb537f8455e5ac5e234a35d066 Mon Sep 17 00:00:00 2001
From: Sergey Biryukov
Date: Thu, 7 Mar 2013 05:30:00 +0000
Subject: [PATCH] Always escape the URL echoed by header_image(). fixes #23664.

git-svn-id: http://core.svn.wordpress.org/trunk@23633 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/theme.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/wp-includes/theme.php b/wp-includes/theme.php
index 9f1de9c863..8b8f42c8fc 100644
--- a/wp-includes/theme.php
+++ b/wp-includes/theme.php
@@ -981,12 +981,12 @@ function is_random_header_image( $type = 'any' ) {
 }
 
 /**
- * Display header image path.
+ * Display header image URL.
  *
  * @since 2.1.0
  */
 function header_image() {
- echo get_header_image();
+ echo esc_url( get_header_image() );
 }
 
 /**
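Review bot: The docblock for header_image() is reworded but still does not say that the echoed value is now escaped, which is the security-relevant contract of this function after the change. I would add a line such as `* The URL is passed through esc_url() before output; use get_header_image() when the value is needed outside HTML output.` One thing to confirm outside this hunk: esc_url() entity-encodes ampersands for HTML display, so a caller that prints header_image() inside a `<style>` block rather than an attribute would presumably emit `&#038;` for header URLs that carry a query string. header_image() is fully visible here, but get_header_image() is not, so whether it already sanitises the value cannot be checked from this hunk.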