Ticket #12284: 12284-extra.patch
File 12284-extra.patch, 1.5 KB (added by , 15 years ago) |
---|
-
wp-includes/kses.php
996 996 # Change back the allowed entities in our entity whitelist 997 997 998 998 $string = preg_replace_callback('/&([A-Za-z]{2,8});/', 'wp_kses_named_entities', $string); 999 $string = preg_replace_callback('/&# 0*([0-9]{1,5});/', 'wp_kses_normalize_entities2', $string);1000 $string = preg_replace_callback('/&# ([Xx])0*(([0-9A-Fa-f]{2}){1,2});/', 'wp_kses_normalize_entities3', $string);999 $string = preg_replace_callback('/&#(0*[0-9]{1,7});/', 'wp_kses_normalize_entities2', $string); 1000 $string = preg_replace_callback('/&#[Xx](0*[0-9A-Fa-f]{1,6});/', 'wp_kses_normalize_entities3', $string); 1001 1001 1002 1002 return $string; 1003 1003 } … … 1040 1040 return ''; 1041 1041 1042 1042 $i = $matches[1]; 1043 return ( ( ! valid_unicode($i) ) || ($i > 65535) ? "&#$i;" : "&#$i;");1043 return ( ( ! valid_unicode($i) ) ? "&#$i;" : '&#'.ltrim($i,'0').';' ); 1044 1044 } 1045 1045 1046 1046 /** … … 1055 1055 * @return string Correctly encoded entity 1056 1056 */ 1057 1057 function wp_kses_normalize_entities3($matches) { 1058 if ( empty($matches[ 2]) )1058 if ( empty($matches[1]) ) 1059 1059 return ''; 1060 1060 1061 $hexchars = $matches[ 2];1062 return ( ( ! valid_unicode(hexdec($hexchars)) ) ? "&#x$hexchars;" : "&#x$hexchars;");1061 $hexchars = $matches[1]; 1062 return ( ( ! valid_unicode(hexdec($hexchars)) ) ? "&#x$hexchars;" : '&#x'.ltrim($hexchars,'0').';' ); 1063 1063 } 1064 1064 1065 1065 /**