

Ticket #18250: wp-io-sanity-by-miqrogroove.patch

File wp-io-sanity-by-miqrogroove.patch, 1.4 KB (added by miqrogroove, 4 years ago)

The original 1 June security patch.

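--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@@ -333,22 +333,22 @@
         }
 
         // Handle double encoding ourselves
-        if ( !$double_encode ) {
+        if ( $double_encode ) {
+                $string = @htmlspecialchars( $string, $quote_style, $charset );
+        } else {
+                // Decode & into &
                 $string = wp_specialchars_decode( $string, $_quote_style );
 
-                /* Critical */
-                // The previous line decodes &phrase; into &phrase;  We must guarantee that &phrase; is valid before proceeding.
+                // Guarantee every &entity; is valid or re-encode the &
                 $string = wp_kses_normalize_entities($string);
 
-                // Now proceed with custom double-encoding silliness
-                $string = preg_replace( '/&(#?x?[0-9a-z]+);/i', '|wp_entity|$1|/wp_entity|', $string );
-        }
+                // Now re-encode everything except &entity;
+                $string = preg_split( '/(&#?x?[0-9a-z]+;)/i', $string, -1, PREG_SPLIT_DELIM_CAPTURE );
 
-        $string = @htmlspecialchars( $string, $quote_style, $charset );
+                for ($i=0; $i < count($string); $i += 2)
+                        $string[$i] = @htmlspecialchars( $string[$i], $quote_style, $charset );
 
-        // Handle double encoding ourselves
-        if ( !$double_encode ) {
-                $string = str_replace( array( '|wp_entity|', '|/wp_entity|' ), array( '&', ';' ), $string );
+                $string = implode('', $string);
         }
 
         // Backwards compatibility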
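Review bot: The `for` loop at new lines 348–349 relies on `preg_split()` with `PREG_SPLIT_DELIM_CAPTURE` placing plain text at even indexes and the captured `&entity;` tokens at odd ones, and nothing in the hunk states that invariant; a comment such as `// Even indexes are plain text to encode, odd indexes are the captured entities that must stay untouched` above the loop, plus hoisting `$n = count( $string );` out of the loop condition, would make the intent clear and avoid recounting on every iteration. `preg_split()` returns `false` on a PCRE error rather than an array, in which case the loop and the `implode()` at new line 351 operate on a non-array; the hunk does not guard that path, and whether to fall back to the empty string or to the fully encoded input is worth deciding explicitly rather than leaving to PHP's implicit behaviour. The `@` on each per-segment `htmlspecialchars()` call also means a segment holding byte sequences invalid for `$charset` is silently replaced by an empty string, so an encoding failure now drops one segment while the neighbouring entities survive instead of blanking the whole string — presumably acceptable, but worth confirming with a test. The enclosing function begins and ends outside this hunk.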