General: Restore (un-deprecate) the sanitize_url() function.

A general security rule is "Sanitize when you save, escape when you echo", and for the most part WordPress has well-named functions like `sanitize_email()` and others, with `esc_url_raw()` being a single exception that does not follow the naming.

This commit restores the previously deprecated `sanitize_url()` function as a valid alias of `esc_url_raw()`.

This better aligns with the naming with other `sanitize_*()` functions:

* `sanitize_bookmark()`
* `sanitize_bookmark_field()`
* `sanitize_category()`
* `sanitize_category_field()`
* `sanitize_comment_cookies()`
* `sanitize_email()`
* `sanitize_file_name()`
* `sanitize_hex_color()`
* `sanitize_hex_color_no_hash()`
* `sanitize_html_class()`
* `sanitize_key()`
* `sanitize_meta()`
* `sanitize_mime_type()`
* `sanitize_option()`
* `sanitize_post()`
* `sanitize_post_field()`
* `sanitize_sql_orderby()`
* `sanitize_term()`
* `sanitize_term_field()`
* `sanitize_text_field()`
* `sanitize_textarea_field()`
* `sanitize_title()`
* `sanitize_title_for_query()`
* `sanitize_title_with_dashes()`
* `sanitize_trackback_urls()`
* `sanitize_user()`
* `sanitize_user_field()`

Follow-up to [11383], [13096].

Props Ipstenu, aadilali.
Fixes #53876.

git-svn-id: https://develop.svn.wordpress.org/trunk@51597 602fd350-edb4-49c9-b593-d223f7449a82

Author: SergeyBiryukov

src/wp-includes/deprecated.php

@@ -2023,22 +2023,6 @@ function get_link( $bookmark_id, $output = OBJECT, $filter = 'raw' ) {
 	return get_bookmark($bookmark_id, $output, $filter);
 }
 
-/**
- * Performs esc_url() for database or redirect usage.
- *
- * @since 2.3.1
- * @deprecated 2.8.0 Use esc_url_raw()
- * @see esc_url_raw()
- *
- * @param string $url The URL to be cleaned.
- * @param array $protocols An array of acceptable protocols.
- * @return string The cleaned URL.
- */
-function sanitize_url( $url, $protocols = null ) {
-	_deprecated_function( __FUNCTION__, '2.8.0', 'esc_url_raw()' );
-	return esc_url_raw( $url, $protocols );
-}
-
 /**
  * Checks and cleans a URL.
  *

src/wp-includes/formatting.php

@@ -4404,7 +4404,7 @@ function esc_url( $url, $protocols = null, $_context = 'display' ) {
 }
 
 /**
- * Performs esc_url() for database usage.
+ * Performs esc_url() for database or redirect usage.
  *
  * @since 2.8.0
  *
@@ -4419,6 +4419,26 @@ function esc_url_raw( $url, $protocols = null ) {
 	return esc_url( $url, $protocols, 'db' );
 }
 
+/**
+ * Performs esc_url() for database or redirect usage.
+ *
+ * This function is an alias for esc_url_raw().
+ *
+ * @since 2.3.1
+ * @since 2.8.0 Deprecated in favor of esc_url_raw().
+ * @since 5.9.0 Restored (un-deprecated).
+ *
+ * @see esc_url_raw()
+ *
+ * @param string   $url       The URL to be cleaned.
+ * @param string[] $protocols Optional. An array of acceptable protocols.
+ *                            Defaults to return value of wp_allowed_protocols().
+ * @return string The cleaned URL after esc_url() is run with the 'db' context.
+ */
+function sanitize_url( $url, $protocols = null ) {
+	return esc_url_raw( $url, $protocols );
+}
+
 /**
  * Convert entities, while preserving already-encoded entities.
  *