esc_url_raw( string $url, string[] $protocols = null )

Performs esc_url() for database usage.

Contents

Description Description

Top ↑

See also See also

Top ↑

Parameters Parameters

$url

(string) (Required) The URL to be cleaned.

$protocols

(string[]) (Optional) An array of acceptable protocols. Defaults to return value of wp_allowed_protocols().

Default value: null

Top ↑

Return Return

(string) The cleaned URL after esc_url() is run with the 'db' context.

Top ↑

More Information More Information

The esc_url_raw() function is similar to esc_url() (and actually uses it), but unlike esc_url() it does not replace entities for display. The resulting URL is safe to use in database queries, redirects and HTTP requests.

This function is not safe to use for displaying the URL, use esc_url() instead.

Top ↑

Source Source

File: wp-includes/formatting.php 

function esc_url_raw( $url, $protocols = null ) {
	return esc_url( $url, $protocols, 'db' );
}

Expand full source code Collapse full source code View on Trac View on GitHub

Top ↑

Top ↑

Used By Used By

Used By
Used By Description
wp-includes/script-loader.php: wp_default_packages_inline_scripts()

Adds inline scripts required for the WordPress JavaScript packages.
wp-includes/user.php: _wp_privacy_send_request_confirmation_notification()

Notify the site administrator via email when a request is confirmed.
wp-includes/user.php: _wp_privacy_send_erasure_fulfillment_notification()

Notify the user when their erasure request is fulfilled.
wp-includes/user.php: wp_send_user_request()

Send a confirmation request email to confirm an action.
wp-admin/includes/privacy-tools.php: wp_privacy_send_personal_data_export_email()

Send an email to the user with a link to the personal data export file
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::_sanitize_external_header_video()

Callback for sanitizing the external_header_video value.
wp-includes/rest-api.php: rest_sanitize_value_from_schema()

Sanitize a value based on a schema.
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::_sanitize_background_setting()

Callback for validating a background setting value.
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::_validate_external_header_video()

Callback for validating the external_header_video value.
wp-includes/theme.php: get_header_video_url()

Retrieves header video URL for custom header.
wp-includes/rest-api.php: rest_send_cors_headers()

Sends Cross-Origin Resource Sharing headers with API requests.
wp-includes/rest-api.php: rest_output_link_header()

Sends a Link header for the REST API.
wp-includes/embed.php: get_post_embed_url()

Retrieves the URL to embed a specific post in an iframe.
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::set_return_url()

Set URL to link the user to when closing the Customizer.
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::customize_pane_settings()

Print JavaScript settings for parent window.
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::set_preview_url()

Set the initial URL to be previewed.
wp-includes/rest-api/class-wp-rest-server.php: WP_REST_Server::serve_request()

Handles serving a REST API request.
wp-includes/customize/class-wp-customize-nav-menu-item-setting.php: WP_Customize_Nav_Menu_Item_Setting::sanitize()

Sanitize an input.
wp-includes/theme.php: get_editor_stylesheets()

Retrieves any registered editor stylesheet URLs.
wp-admin/includes/theme.php: wp_prepare_themes_for_js()

Prepare themes for JavaScript.
wp-admin/includes/export.php: export_wp()

Generates the WXR export file for download.
wp-admin/includes/user.php: edit_user()

Edit user settings based on contents of $_POST
wp-admin/includes/media.php: wp_media_upload_handler()

Handles the process of uploading media.
wp-admin/includes/ajax-actions.php: wp_ajax_send_link_to_editor()

Ajax handler for sending a link to the editor.
wp-admin/includes/post.php: edit_post()

Update an existing post with values provided in $_POST.
wp-admin/includes/ajax-actions.php: _wp_ajax_delete_comment_response()

Sends back current comment total and new page links if they need to be updated.
wp-admin/includes/class-custom-image-header.php: Custom_Image_Header::set_header_image()

Choose a header image, selected from existing uploaded and default headers, or provide an array of uploaded header data (either new, or from media library).
wp-admin/includes/class-custom-background.php: Custom_Background::wp_set_background_image()
wp-admin/includes/class-custom-background.php: Custom_Background::handle_upload()

Handle an Image upload for the background image.
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::customize_preview_settings()

Print JavaScript settings for preview frame.
wp-includes/theme.php: _custom_background_cb()

Default custom background callback.
wp-includes/theme.php: get_header_image()

Retrieves header image for custom header.
wp-includes/theme.php: get_uploaded_header_images()

Gets the header images uploaded for the current theme.
wp-includes/formatting.php: get_url_in_content()

Extract and return the first URL from passed content.
wp-includes/formatting.php: sanitize_option()

Sanitises various option values based on the nature of the option.
wp-includes/general-template.php: get_the_generator()

Creates the generator XML or Comment for RSS, ATOM, etc.
wp-includes/deprecated.php: sanitize_url()

Performs esc_url() for database or redirect usage.
wp-includes/class-wp-theme.php: WP_Theme::sanitize_header()

Sanitize a theme header.
wp-includes/widgets.php: wp_widget_rss_process()

Process RSS feed widget data and optionally retrieve feed items.
wp-includes/link-template.php: get_pagenum_link()

Retrieves the link for a page number.
wp-includes/update.php: wp_update_plugins()

Checks for available updates to plugins based on the latest versions hosted on WordPress.org.
wp-includes/ms-deprecated.php: get_blogaddress_by_domain()

Get a full blog URL, given a domain and a path.
wp-includes/nav-menu.php: wp_update_nav_menu_item()

Save the properties of a menu item or create a new one.
wp-includes/script-loader.php: wp_default_scripts()

Register all WordPress scripts.
Show 39 more used by Hide more used by

Top ↑

Changelog Changelog

Changelog
Version Description
2.8.0 Introduced.

Top ↑

User Contributed Notes User Contributed Notes

  1. Skip to note 1 content
    You must log in to vote on the helpfulness of this noteVote results for this note: 3You must log in to vote on the helpfulness of this note
    Contributed by Codex

    Right and Wrong usage

    <!-- Right -->
$url = 'http://wordpress.org';
$response = wp_remote_get( esc_url_raw( $url ) ); // no need to escape entities

if ( ! is_wp_error( $response ) ) {
	echo wp_remote_retrieve_body( $response );
}

    <!-- Wrong! Use esc_url instead! -->
<img src="<?php echo esc_url_raw( $url ); ?>" />
<a href="<?php echo esc_url_raw( $url ); ?>">WordPress</a>

You must log in before being able to contribute a note or feedback.