d8413a32e1
A general security rule is "Sanitize when you save, escape when you echo", and for the most part WordPress has well-named functions like `sanitize_email()` and others, with `esc_url_raw()` being a single exception that does not follow the naming. This commit restores the previously deprecated `sanitize_url()` function as a valid alias of `esc_url_raw()`. This better aligns with the naming with other `sanitize_*()` functions: * `sanitize_bookmark()` * `sanitize_bookmark_field()` * `sanitize_category()` * `sanitize_category_field()` * `sanitize_comment_cookies()` * `sanitize_email()` * `sanitize_file_name()` * `sanitize_hex_color()` * `sanitize_hex_color_no_hash()` * `sanitize_html_class()` * `sanitize_key()` * `sanitize_meta()` * `sanitize_mime_type()` * `sanitize_option()` * `sanitize_post()` * `sanitize_post_field()` * `sanitize_sql_orderby()` * `sanitize_term()` * `sanitize_term_field()` * `sanitize_text_field()` * `sanitize_textarea_field()` * `sanitize_title()` * `sanitize_title_for_query()` * `sanitize_title_with_dashes()` * `sanitize_trackback_urls()` * `sanitize_user()` * `sanitize_user_field()` Follow-up to [11383], [13096]. Props Ipstenu, aadilali. Fixes #53876. Built from https://develop.svn.wordpress.org/trunk@51597 git-svn-id: http://core.svn.wordpress.org/trunk@51208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
122 KiB
122 KiB