Changes from tags/3.0.3 at r17175 to tags/3.0.4 at r17175

Location:

tags/3.0.4

Files:

• readme.html (modified) (1 diff)
• wp-admin/includes/update-core.php (modified) (1 diff)
• wp-includes/formatting.php (modified) (1 diff)
• wp-includes/kses.php (modified) (7 diffs)
• wp-includes/version.php (modified) (1 diff)

tags/3.0.4/readme.html

@@ -9 +9 @@
 <h1 id="logo">
     <a href="http://wordpress.org/"><img alt="WordPress" src="wp-admin/images/wordpress-logo.png" width="250" height="68" /></a>
-    <br /> Version 3.0.3
+    <br /> Version 3.0.4
 </h1>
 <p style="text-align: center">Semantic Personal Publishing Platform</p>

tags/3.0.4/wp-admin/includes/update-core.php

@@ -275 +275 @@
     $required_php_version = '4.3';
     $required_mysql_version = '4.1.2';
-    $wp_version = '3.0.3';
+    $wp_version = '3.0.4';
     $php_compat     = version_compare( $php_version, $required_php_version, '>=' );
     $mysql_compat   = version_compare( $mysql_version, $required_mysql_version, '>=' ) || file_exists( WP_CONTENT_DIR . '/db.php' );

tags/3.0.4/wp-includes/formatting.php

@@ -2237 +2237 @@
     // Replace ampersands and single quotes only when displaying.
     if ( 'display' == $_context ) {
-        $url = preg_replace('/&([^#])(?![a-z]{2,8};)/', '&$1', $url);
+        $url = wp_kses_normalize_entities( $url );
+        $url = str_replace( '&', '&', $url );
         $url = str_replace( "'", ''', $url );
     }

tags/3.0.4/wp-includes/kses.php

@@ -671 +671 @@
                 }
 
-            if ( $arreach['name'] == 'style' ) {
+            if ( strtolower($arreach['name']) == 'style' ) {
                 $orig_value = $arreach['value'];
 
@@ -763 +763 @@
                     {
                     $thisval = $match[1];
-                    if ( in_array($attrname, $uris) )
+                    if ( in_array(strtolower($attrname), $uris) )
                         $thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
 
@@ -779 +779 @@
                     {
                     $thisval = $match[1];
-                    if ( in_array($attrname, $uris) )
+                    if ( in_array(strtolower($attrname), $uris) )
                         $thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
 
@@ -795 +795 @@
                     {
                     $thisval = $match[1];
-                    if ( in_array($attrname, $uris) )
+                    if ( in_array(strtolower($attrname), $uris) )
                         $thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
 
@@ -1018 +1018 @@
  */
 function wp_kses_bad_protocol_once($string, $allowed_protocols) {
-    global $_kses_allowed_protocols;
-    $_kses_allowed_protocols = $allowed_protocols;
-
-    $string2 = preg_split('/:|:|:/i', $string, 2);
-    if ( isset($string2[1]) && !preg_match('%/\?%', $string2[0]) )
-        $string = wp_kses_bad_protocol_once2($string2[0]) . trim($string2[1]);
-    else
-        $string = preg_replace_callback('/^((&[^;]*;|[\sA-Za-z0-9])*)'.'(:|:|&#[Xx]3[Aa];)\s*/', 'wp_kses_bad_protocol_once2', $string);
+    $string2 = preg_split( '/:|&#0*58;|&#x0*3a;/i', $string, 2 );
+    if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) )
+        $string = wp_kses_bad_protocol_once2( $string2[0], $allowed_protocols ) . trim( $string2[1] );
 
     return $string;
@@ -1039 +1034 @@
  * @since 1.0.0
  *
- * @param mixed $matches string or preg_replace_callback() matches array to check for bad protocols
+ * @param string $string URI scheme to check against the whitelist
+ * @param string $allowed_protocols Allowed protocols
  * @return string Sanitized content
  */
-function wp_kses_bad_protocol_once2($matches) {
-    global $_kses_allowed_protocols;
-
-    if ( is_array($matches) ) {
-        if ( empty($matches[1]) )
-            return '';
-
-        $string = $matches[1];
-    } else {
-        $string = $matches;
-    }
-
+function wp_kses_bad_protocol_once2( $string, $allowed_protocols ) {
     $string2 = wp_kses_decode_entities($string);
     $string2 = preg_replace('/\s/', '', $string2);
@@ -1060 +1045 @@
 
     $allowed = false;
-    foreach ( (array) $_kses_allowed_protocols as $one_protocol)
-        if (strtolower($one_protocol) == $string2) {
+    foreach ( (array) $allowed_protocols as $one_protocol )
+        if ( strtolower($one_protocol) == $string2 ) {
             $allowed = true;
             break;

tags/3.0.4/wp-includes/version.php

@@ -9 +9 @@
  * @global string $wp_version
  */
-$wp_version = '3.0.3';
+$wp_version = '3.0.4';
 
 /**