WordPress/wp-admin
Sergey Biryukov df4ed4015a Coding Standards: Escape the whole attributes in `wp-admin/includes/nav-menu.php`.
It is best to always escape the complete value of an attribute, not a partial value, as otherwise the escaping could be (partially) undone when the values are joined together.

While the hardcoded prefix/suffix values in this case don't necessarily create that risk, those may change to values which could be problematic, so making it a habit to escape the value in one go is best practice.

Includes:
* Moving a few `esc_url()` calls closer to the actual output and escaping the hash parts too.
* Wrapping a few long lines for better readability.

Follow-up to [14248], [23707], [42217], [55615].

Props jrf, SergeyBiryukov.
Fixes #57110.
Built from https://develop.svn.wordpress.org/trunk@55616


git-svn-id: http://core.svn.wordpress.org/trunk@55128 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-01 08:37:20 +00:00
..
css Login and Registration: Fix margin for language switcher button on small screens. 2023-03-22 12:50:18 +00:00
images Administration: Update dashboard welcome panel colors, remove broken link 2023-03-21 15:37:21 +00:00
includes Coding Standards: Escape the whole attributes in `wp-admin/includes/nav-menu.php`. 2023-04-01 08:37:20 +00:00
js Editor: Show scheduled text when changing to new future dates. 2023-03-18 16:35:18 +00:00
maint Database: Remove the check for `sitecategories` table on Database Repair screen. 2023-02-24 15:10:22 +00:00
network Help/About: Improve help text about the WordPress URL and Site URL settings. 2023-03-01 17:03:19 +00:00
user Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
about.php Help/About: Make Field Guide link translatable. 2023-03-28 15:36:18 +00:00
admin-ajax.php Coding Standards: Remove extra space in `wp-admin/admin-ajax.php`. 2022-05-07 16:21:18 +00:00
admin-footer.php Coding Standards: Simplify a condition in `wp-admin/admin-footer.php`. 2021-06-01 11:30:57 +00:00
admin-functions.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
admin-header.php Docs: Add missing description for `$typenow` global in various functions. 2022-04-04 18:39:01 +00:00
admin-post.php Administration: Require a valid action parameter to be set for `admin-ajax.php` requests. 2022-03-02 15:00:11 +00:00
admin.php Docs: Add missing description for `$taxnow` global in various functions. 2022-04-04 18:43:02 +00:00
async-upload.php Media: Remove target blank attribute from media uploader edit links. 2022-01-27 22:17:00 +00:00
authorize-application.php Docs: Various corrections and improvements to inline documentation. 2022-08-04 14:52:11 +00:00
comment.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
credits.php Help/About: Update copy & style for About page and subpages. 2023-03-09 16:30:19 +00:00
custom-background.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
custom-header.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
customize.php Help/About: Avoid extra redirections on HelpHub Links. 2023-02-28 12:52:18 +00:00
edit-comments.php Help/About: Avoid extra redirections on HelpHub Links. 2023-02-23 11:06:19 +00:00
edit-form-advanced.php Help/About: Avoid extra redirections on HelpHub Links. 2023-02-23 11:06:19 +00:00
edit-form-blocks.php Themes: Introduce wp_theme_has_theme_json() for public consumption. 2023-01-18 11:40:10 +00:00
edit-form-comment.php I18N: Mark screen reader strings as such with translator comments. 2023-02-07 17:10:21 +00:00
edit-link-form.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
edit-tag-form.php Networks and Sites: Officially remove global terms. 2022-09-20 02:51:09 +00:00
edit-tags.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
edit.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
erase-personal-data.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
export-personal-data.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
export.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
freedoms.php Help/About: Update copy & style for About page and subpages. 2023-03-09 16:30:19 +00:00
import.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
index.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
install-helper.php Docs: Fix typo and improve DocBlock formatting in `wp-admin/install-helper.php`. 2022-11-20 14:10:15 +00:00
install.php I18N: Mark screen reader strings as such with translator comments. 2023-02-07 17:10:21 +00:00
link-add.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
link-manager.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
link-parse-opml.php XML-RPC: Explicitly unset the reference to the parser resource after calling `xml_parser_free()` to avoid memory leaks in PHP 7.0.0 or higher. 2020-07-05 15:22:01 +00:00
link.php Coding Standards: Apply some alignment fixes from `composer format`. 2021-07-27 19:01:59 +00:00
load-scripts.php Docs: Update a comment in `wp-admin/load-styles.php` per the documentation standards. 2021-12-12 14:52:02 +00:00
load-styles.php Docs: Update a comment in `wp-admin/load-styles.php` per the documentation standards. 2021-12-12 14:52:02 +00:00
media-new.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
media-upload.php Docs: Add examples of possible names for various hooks whose name contains a dynamic portion. 2021-03-07 12:32:09 +00:00
media.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
menu-header.php Administration: Restore the correct escaping function for base64-encoded SVG icons in the admin menu. 2022-04-07 12:54:03 +00:00
menu.php Site Editor: Add 'path' query arg to Appearance > Template Parts menu. 2023-02-28 15:04:23 +00:00
moderation.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
ms-admin.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
ms-delete-site.php Text Changes: Improve the wording of the email sent to confirm site deletion. 2022-11-14 21:57:10 +00:00
ms-edit.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
ms-options.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
ms-sites.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
ms-themes.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
ms-upgrade-network.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
ms-users.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
my-sites.php Networks and Sites: Use consistent markup for admin notices. 2023-02-23 22:13:23 +00:00
nav-menus.php Administration: Define the `$title` global on the Menus screen for classic themes. 2023-03-15 09:05:22 +00:00
network.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
options-discussion.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
options-general.php Help/About: Improve help text about the WordPress URL and Site URL settings. 2023-03-01 17:03:19 +00:00
options-head.php Administration: Replace legacy `updated` message type in `add_settings_error()` calls with `success`. 2019-08-16 00:39:55 +00:00
options-media.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
options-permalink.php Help/About: Avoid extra redirections on HelpHub Links. 2023-02-23 11:06:19 +00:00
options-privacy.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
options-reading.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
options-writing.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
options.php Options, Meta APIs: Improve error messages in Options Management Administration Screen. 2022-12-01 22:20:12 +00:00
plugin-editor.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
plugin-install.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
plugins.php Help/About: Avoid extra redirections on HelpHub Links. 2023-02-23 11:06:19 +00:00
post-new.php Coding Standards: Use strict comparison where static strings are involved. 2020-05-16 18:42:12 +00:00
post.php Administration: Replace contracted verb forms for better consistency. 2022-03-22 16:25:03 +00:00
press-this.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
privacy-policy-guide.php Administration: Define the `$title` global on privacy screens. 2023-02-07 14:40:21 +00:00
privacy.php Help/About: Update copy & style for About page and subpages. 2023-03-09 16:30:19 +00:00
profile.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
revision.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
setup-config.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
site-editor.php Editor: Fix 'wp-block-library-theme' style enqueue conditions. 2023-02-20 21:13:27 +00:00
site-health-info.php Site Health: Internationalizes count in the info section headings. 2021-11-01 22:36:59 +00:00
site-health.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
term.php General: Replace all `esc_url_raw()` calls in core with `sanitize_url()`. 2022-06-01 18:14:10 +00:00
theme-editor.php Help/About: Restore the correct URL for Editing Files article on Edit Themes screen. 2023-02-28 13:52:20 +00:00
theme-install.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
themes.php Help/About: Avoid extra redirections on HelpHub Links. 2023-02-23 11:06:19 +00:00
tools.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
update-core.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
update.php Docs: Add a comment about the `$title` global usage in various admin files. 2021-07-22 13:53:00 +00:00
upgrade-functions.php Code Modernization: Replace `dirname( __FILE__ )` calls with `__DIR__` magic constant. 2020-02-06 06:33:11 +00:00
upgrade.php General: Replace all `esc_url_raw()` calls in core with `sanitize_url()`. 2022-06-01 18:14:10 +00:00
upload.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
user-edit.php Coding Standards: Apply various alignment corrections from `composer format`. 2023-03-29 07:13:23 +00:00
user-new.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
users.php Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin. 2023-02-23 10:38:21 +00:00
widgets-form-blocks.php Editor: Update preload paths for post, site and widgets editors 2022-04-07 13:40:04 +00:00
widgets-form.php Help/About: Avoid extra redirections on HelpHub Links. 2023-02-23 11:06:19 +00:00
widgets.php Administration: Replace contracted verb forms for better consistency. 2022-03-22 19:59:04 +00:00