rayelliott
/
_s
Archived
forked from mirror/_s
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Escape dynamic value $nav_id when used as an attribute and html comment. Fixes #146 props @ounziw

This commit is contained in:
Michael Fields 2013-02-02 05:03:08 -10:00
parent f9e8b9cf42
commit b7563b8a99
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
inc/template-tags.php
View File

@ -35,7 +35,7 @@ function _s_content_nav( $nav_id ) {
$nav_class = 'site-navigation post-navigation';
?>
<nav role="navigation" id="<?php echo $nav_id; ?>" class="<?php echo $nav_class; ?>">
<nav role="navigation" id="<?php echo esc_attr( $nav_id ); ?>" class="<?php echo $nav_class; ?>">
<h1 class="assistive-text"><?php _e( 'Post navigation', '_s' ); ?></h1>
<?php if ( is_single() ) : // navigation links for single posts ?>
@ -55,7 +55,7 @@ function _s_content_nav( $nav_id ) {
<?php endif; ?>
</nav><!-- #<?php echo $nav_id; ?> -->
</nav><!-- #<?php echo esc_html( $nav_id ); ?> -->
<?php
}
endif; // _s_content_nav