Make WordPress Core

Ticket #41304: fix_41304_patch.diff

File fix_41304_patch.diff, 820 bytes (added by bogdanpreda, 7 years ago)

Fix for this issue made from the SVN rev. 40885

  • wp-includes/kses.php

     
    13211321 * @return string Sanitized content
    13221322 */
    13231323function wp_kses_bad_protocol_once($string, $allowed_protocols, $count = 1 ) {
    1324         $string2 = preg_split( '/:|&#0*58;|&#x0*3a;/i', $string, 2 );
     1324    $string2 = preg_split( '/(:\/\/)|&#0*58;|&#x0*3a;/i', $string, 2 );
    13251325        if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) ) {
    13261326                $string = trim( $string2[1] );
    13271327                $protocol = wp_kses_bad_protocol_once2( $string2[0], $allowed_protocols );
     
    13321332                        if ( empty( $string ) )
    13331333                                return $string;
    13341334                }
    1335                 $string = $protocol . $string;
     1335        $string = $protocol . '//' . $string;
    13361336        }
    13371337
    13381338        return $string;