Make WordPress Core

Ticket #36397: 36397.diff

File 36397.diff, 573 bytes (added by omarreiss, 9 years ago)

Make sure numerically escaped ampersands are not mistaken for hash fragments

  • src/wp-includes/functions.php

    diff --git src/wp-includes/functions.php src/wp-includes/functions.php
    index 0e720ee..2a7f4d5 100644
    function add_query_arg() { 
    781781                        $uri = $args[2];
    782782        }
    783783
    784         if ( $frag = strstr( $uri, '#' ) )
    785                 $uri = substr( $uri, 0, -strlen( $frag ) );
    786         else
     784        $frag = strrchr( $uri, '#' );
     785        if ( $frag && false === strpos( $frag, '#038;' ) ) {
     786                $uri = substr( $uri, 0, - strlen( $frag ) );
     787        } else {
    787788                $frag = '';
     789        }
    788790
    789791        if ( 0 === stripos( $uri, 'http://' ) ) {
    790792                $protocol = 'http://';