diff --git a/src/wp-includes/formatting.php b/src/wp-includes/formatting.php
index b716c6bc1f..529ffa0f1e 100644
a
|
b
|
function esc_sql( $data ) { |
4297 | 4297 | * |
4298 | 4298 | * @since 2.8.0 |
4299 | 4299 | * |
4300 | | * @param string $url The URL to be cleaned. |
4301 | | * @param string[] $protocols Optional. An array of acceptable protocols. |
4302 | | * Defaults to return value of wp_allowed_protocols(). |
4303 | | * @param string $_context Private. Use esc_url_raw() for database usage. |
| 4300 | * @param string $url The URL to be cleaned. |
| 4301 | * @param string[] $protocols Optional. An array of acceptable protocols. |
| 4302 | * Defaults to return value of wp_allowed_protocols(). |
| 4303 | * @param string $_context Private. Use esc_url_raw() for database usage. |
| 4304 | * @param string $default_protocol Use to specify different default, for historical |
| 4305 | * reasons esc_url defaults to http:// pass string |
| 4306 | * https:// to change the default behavior. |
4304 | 4307 | * @return string The cleaned URL after the {@see 'clean_url'} filter is applied. |
4305 | 4308 | * An empty string is returned if `$url` specifies a protocol other than |
4306 | 4309 | * those in `$protocols`, or if `$url` contains an empty string. |
4307 | 4310 | */ |
4308 | | function esc_url( $url, $protocols = null, $_context = 'display' ) { |
| 4311 | function esc_url( $url, $protocols = null, $_context = 'display', $default_protocol = 'http://' ) { |
4309 | 4312 | $original_url = $url; |
4310 | 4313 | |
4311 | 4314 | if ( '' === $url ) { |
… |
… |
function esc_url( $url, $protocols = null, $_context = 'display' ) { |
4329 | 4332 | * If the URL doesn't appear to contain a scheme, we presume |
4330 | 4333 | * it needs http:// prepended (unless it's a relative link |
4331 | 4334 | * starting with /, # or ?, or a PHP file). |
| 4335 | * @since 5.8 use default_protocol to allow https:// presumption |
4332 | 4336 | */ |
4333 | 4337 | if ( strpos( $url, ':' ) === false && ! in_array( $url[0], array( '/', '#', '?' ), true ) && |
4334 | 4338 | ! preg_match( '/^[a-z0-9-]+?\.php/i', $url ) ) { |
4335 | | $url = 'http://' . $url; |
| 4339 | $url = $default_protocol . $url; |
4336 | 4340 | } |
4337 | 4341 | |
4338 | 4342 | // Replace ampersands and single quotes only when displaying. |