WordPress.org

Make WordPress Core

Changeset 18826


Ignore:
Timestamp:
09/29/11 22:33:51 (3 years ago)
Author:
duck_
Message:

Introduce wp_allowed_protocols() for use in wp_kses() and esc_url(). See #18268.

This allows plugins to filter the list of protocols used for esc_url() too, and helps us keep the list of protocols in sync.

Location:
trunk/wp-includes
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/formatting.php

    r18824 r18826  
    23002300    } 
    23012301 
    2302     if ( !is_array($protocols) ) 
    2303         $protocols = array ('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn'); 
     2302    if ( ! is_array( $protocols ) ) 
     2303        $protocols = wp_allowed_protocols(); 
    23042304    if ( wp_kses_bad_protocol( $url, $protocols ) != $url ) 
    23052305        return ''; 
  • trunk/wp-includes/functions.php

    r18822 r18826  
    46114611} 
    46124612 
     4613/** 
     4614 * Retrieve a list of protocols to allow in HTML attributes. 
     4615 * 
     4616 * @since 3.3.0 
     4617 * @see wp_kses() 
     4618 * @see esc_url() 
     4619 * 
     4620 * @return array Array of allowed protocols 
     4621 */ 
     4622function wp_allowed_protocols() { 
     4623    static $protocols; 
     4624 
     4625    if ( empty( $protocols ) ) { 
     4626        $protocols = array( 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn' ); 
     4627        $protocols = apply_filters( 'kses_allowed_protocols', $protocols ); 
     4628    } 
     4629 
     4630    return $protocols; 
     4631} 
     4632 
    46134633?> 
  • trunk/wp-includes/kses.php

    r18208 r18826  
    501501 */ 
    502502function wp_kses($string, $allowed_html, $allowed_protocols = array ()) { 
    503     $allowed_protocols = wp_parse_args( $allowed_protocols, apply_filters('kses_allowed_protocols', array ('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn') )); 
     503    $allowed_protocols = wp_parse_args( $allowed_protocols, wp_allowed_protocols() ); 
    504504    $string = wp_kses_no_null($string); 
    505505    $string = wp_kses_js_entities($string); 
Note: See TracChangeset for help on using the changeset viewer.