diff options
Diffstat (limited to 'www/crm/wp-admin/js/customize-nav-menus.js')
-rw-r--r-- | www/crm/wp-admin/js/customize-nav-menus.js | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/www/crm/wp-admin/js/customize-nav-menus.js b/www/crm/wp-admin/js/customize-nav-menus.js index b6560366..19962019 100644 --- a/www/crm/wp-admin/js/customize-nav-menus.js +++ b/www/crm/wp-admin/js/customize-nav-menus.js @@ -544,6 +544,7 @@ var menuItem, itemName = $( '#custom-menu-item-name' ), itemUrl = $( '#custom-menu-item-url' ), + url = itemUrl.val().trim(), urlRegex; if ( ! this.currentMenuControl ) { @@ -567,14 +568,14 @@ if ( '' === itemName.val() ) { itemName.addClass( 'invalid' ); return; - } else if ( ! urlRegex.test( itemUrl.val() ) ) { + } else if ( ! urlRegex.test( url ) ) { itemUrl.addClass( 'invalid' ); return; } menuItem = { 'title': itemName.val(), - 'url': itemUrl.val(), + 'url': url, 'type': 'custom', 'type_label': api.Menus.data.l10n.custom_label, 'object': 'custom' @@ -3455,7 +3456,7 @@ */ function displayNavMenuName( name ) { name = name || ''; - name = $( '<div>' ).text( name ).html(); // Emulate esc_html() which is used in wp-admin/nav-menus.php. + name = wp.sanitize.stripTagsAndEncodeText( name ); // Remove any potential tags from name. name = $.trim( name ); return name || api.Menus.data.l10n.unnamed; } |