rayelliott
/
_s
Archived
forked from mirror/_s
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add escaping to custom header example. Make sure that proper attribute escaping is added into the example that's in the custom header include file. Since we're not including this in header.php, we should at least make sure that the example given is proper and passes WordPress Coding Standards checks. See #552 for context.

This commit is contained in:
Philip Arthur Moore 2014-08-07 11:07:50 +07:00
parent 01f15acadd
commit 63d8fcb190
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
inc/custom-header.php
View File

@ -7,7 +7,7 @@
<?php if ( get_header_image() ) : ?> <?php if ( get_header_image() ) : ?>
<a href="<?php echo esc_url( home_url( '/' ) ); ?>" rel="home"> <a href="<?php echo esc_url( home_url( '/' ) ); ?>" rel="home">
<img src="<?php header_image(); ?>" width="<?php echo get_custom_header()->width; ?>" height="<?php echo get_custom_header()->height; ?>" alt=""> <img src="<?php header_image(); ?>" width="<?php echo esc_attr( get_custom_header()->width ); ?>" height="<?php echo esc_attr( get_custom_header()->height ); ?>" alt="">
</a> </a>
<?php endif; // End header image check. ?> <?php endif; // End header image check. ?>