esc_url_raw( string $url, array $protocols = null )

Performs esc_url() for database usage.

Contents

Description Description

Parameters Parameters

$url

(string) (Required) The URL to be cleaned.

$protocols

(array) (Optional) An array of acceptable protocols.

Default value: null

Top ↑

Return Return

(string) The cleaned URL.

Top ↑

Source Source

File: wp-includes/formatting.php 

function esc_url_raw( $url, $protocols = null ) {
	return esc_url( $url, $protocols, 'db' );
}

Expand full source code Collapse full source code View on Trac

Top ↑

Changelog Changelog

Changelog
Version Description
2.8.0 Introduced.

Top ↑

Top ↑

Used By Used By

Used By
Used By Description
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::_sanitize_external_header_video()

Callback for sanitizing the external_header_video value.
wp-includes/rest-api.php: rest_sanitize_value_from_schema()

Sanitize a value based on a schema.
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::_sanitize_background_setting()

Callback for validating a background setting value.
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::_validate_external_header_video()

Callback for validating the external_header_video value.
wp-includes/theme.php: get_header_video_url()

Retrieve header video URL for custom header.
wp-includes/rest-api.php: rest_send_cors_headers()

Sends Cross-Origin Resource Sharing headers with API requests.
wp-includes/rest-api.php: rest_output_link_header()

Sends a Link header for the REST API.
wp-includes/embed.php: get_post_embed_url()

Retrieves the URL to embed a specific post in an iframe.
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::set_return_url()

Set URL to link the user to when closing the Customizer.
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::customize_pane_settings()

Print JavaScript settings for parent window.
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::set_preview_url()

Set the initial URL to be previewed.
wp-includes/rest-api/class-wp-rest-server.php: WP_REST_Server::serve_request()

Handles serving an API request.
wp-includes/customize/class-wp-customize-nav-menu-item-setting.php: WP_Customize_Nav_Menu_Item_Setting::sanitize()

Sanitize an input.
wp-includes/theme.php: get_editor_stylesheets()

Retrieve any registered editor stylesheets
wp-admin/includes/theme.php: wp_prepare_themes_for_js()

Prepare themes for JavaScript.
wp-admin/includes/export.php: export_wp()

Generates the WXR export file for download.
wp-admin/includes/user.php: edit_user()

Edit user settings based on contents of $_POST
wp-admin/includes/media.php: wp_media_upload_handler()

Handles the process of uploading media.
wp-admin/includes/ajax-actions.php: wp_ajax_send_link_to_editor()

Ajax handler for sending a link to the editor.
wp-admin/includes/post.php: edit_post()

Update an existing post with values provided in $_POST.
wp-admin/includes/ajax-actions.php: _wp_ajax_delete_comment_response()

Sends back current comment total and new page links if they need to be updated.
wp-admin/custom-header.php: Custom_Image_Header::set_header_image()

Choose a header image, selected from existing uploaded and default headers, or provide an array of uploaded header data (either new, or from media library).
wp-admin/custom-background.php: Custom_Background::wp_set_background_image()
wp-admin/custom-background.php: Custom_Background::handle_upload()

Handle an Image upload for the background image.
wp-includes/class-wp-customize-manager.php: WP_Customize_Manager::customize_preview_settings()

Print JavaScript settings for preview frame.
wp-includes/theme.php: _custom_background_cb()

Default custom background callback.
wp-includes/theme.php: get_header_image()

Retrieve header image for custom header.
wp-includes/theme.php: get_uploaded_header_images()

Get the header images uploaded for the current theme.
wp-includes/formatting.php: get_url_in_content()

Extract and return the first URL from passed content.
wp-includes/formatting.php: sanitize_option()

Sanitises various option values based on the nature of the option.
wp-includes/deprecated.php: sanitize_url()

Performs esc_url() for database or redirect usage.
wp-includes/class-wp-theme.php: WP_Theme::sanitize_header()

Sanitize a theme header.
wp-includes/widgets.php: wp_widget_rss_process()

Process RSS feed widget data and optionally retrieve feed items.
wp-includes/link-template.php: get_pagenum_link()

Retrieves the link for a page number.
wp-includes/ms-deprecated.php: get_blogaddress_by_domain()

Get a full blog URL, given a domain and a path.
wp-includes/nav-menu.php: wp_update_nav_menu_item()

Save the properties of a menu item or create a new one.
wp-includes/script-loader.php: wp_default_scripts()

Register all WordPress scripts.
Show 32 more used by Hide more used by

Top ↑

User Contributed Notes User Contributed Notes

  1. Skip to note content
    You must log in to vote on the helpfulness of this noteVote results for this note: 1You must log in to vote on the helpfulness of this note
    Contributed by Codex

    Right and Wrong usage

    <!-- Right -->
$url = 'http://wordpress.org';
$response = wp_remote_get( esc_url_raw( $url ) ); // no need to escape entities

if ( ! is_wp_error( $response ) ) {
	echo wp_remote_retrieve_body( $response );
}

    <!-- Wrong! Use esc_url instead! -->
<img src="<?php echo esc_url_raw( $url ); ?>" />
<a href="<?php echo esc_url_raw( $url ); ?>">WordPress</a>

You must log in before being able to contribute a note or feedback.