Make WordPress Core

Ticket #3299: 3299-clean_url.patch

File 3299-clean_url.patch, 1.1 KB (added by pishmishy, 17 years ago)
  • wp-includes/formatting.php

     
    10761076}
    10771077
    10781078function clean_url( $url, $protocols = null ) {
     1079        /* It's not at all well defined what this fuction is really
     1080         * meant to achieve. I presume it doesn't just check if a
     1081         * URL is well formed but also that undesirable content
     1082         * is removed.
     1083        */
    10791084        if ('' == $url) return $url;
    1080         $url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%]|i', '', $url);
     1085        $url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%@]|i', '', $url);
    10811086        $strip = array('%0d', '%0a');
    10821087        $url = str_replace($strip, '', $url);
    10831088        $url = str_replace(';//', '://', $url);
    1084         // Append http unless a relative link starting with / or a php file.
    1085         if ( strpos($url, '://') === false &&
     1089        /* If the URL doesn't appear to contain a scheme, we
     1090         * presume it needs http:// appended (unless a relative
     1091         * link starting with / or a php file).
     1092         */
     1093        if ( strpos($url, ':') === false &&
    10861094                substr( $url, 0, 1 ) != '/' && !preg_match('/^[a-z0-9-]+?\.php/i', $url) )
    10871095                $url = 'http://' . $url;
    10881096