call to clean_url() hardcoded in sanitize_comment_cookies()
|Reported by:||wnorris||Owned by:||anonymous|
the method 'sanitize_comment_cookies' (wp-includes/comment.php) includes a hardcoded call to the method clean_url when working with the comment_author_url. This is unnecessary because that is already handled as a filter on pre_comment_author_url. Additionally, it makes it impossible (or rather very difficult) to NOT call clean_url.
Example use case: I have an OpenID plugin in which a user may actually be putting an i-name in the URL field (something akin to "=will.norris"). While this does have a URL form (http://xri.net/=will.norris), I need the raw form stored in the cookie. As it is now, I would have to remove the sanitize_comment_cookies filter and re-implement it without the hardcoded function call. If it were removed as I am proposing, this would be possible by simply removing the clean_url filter for pre_comment_author_url, but with no loss of functionality otherwise.