esc_url()
WordPress function that validates and sanitizes URLs, removing dangerous protocols and characters.
How it works
WordPress function that validates and sanitizes URLs, removing dangerous protocols and characters.
In WordPress
Use esc_url() for any URL output in href, src, or action attributes.
Related terms
WP HealthKit checks for esc_url()-related vulnerabilities automatically
Run a Free Audit