Changeset 20540
- Timestamp:
- 04/19/2012 09:48:12 PM (13 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-includes/kses.php
r19976 r20540 976 976 function wp_kses_bad_protocol($string, $allowed_protocols) { 977 977 $string = wp_kses_no_null($string); 978 $ string2 = $string.'a';979 980 while ($string != $string2){981 $ string2= $string;978 $iterations = 0; 979 980 do { 981 $original_string = $string; 982 982 $string = wp_kses_bad_protocol_once($string, $allowed_protocols); 983 } # while 983 } while ( $original_string != $string && ++$iterations < 6 ); 984 985 if ( $original_string != $string ) 986 return ''; 984 987 985 988 return $string; … … 1080 1083 * @return string Sanitized content 1081 1084 */ 1082 function wp_kses_bad_protocol_once($string, $allowed_protocols ) {1085 function wp_kses_bad_protocol_once($string, $allowed_protocols, $count = 1 ) { 1083 1086 $string2 = preg_split( '/:|�*58;|�*3a;/i', $string, 2 ); 1084 if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) ) 1085 $string = wp_kses_bad_protocol_once2( $string2[0], $allowed_protocols ) . trim( $string2[1] ); 1087 if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) ) { 1088 $string = trim( $string2[1] ); 1089 $protocol = wp_kses_bad_protocol_once2( $string2[0], $allowed_protocols ); 1090 if ( 'feed:' == $protocol ) { 1091 if ( $count > 2 ) 1092 return ''; 1093 $string = wp_kses_bad_protocol_once( $string, $allowed_protocols, ++$count ); 1094 if ( empty( $string ) ) 1095 return $string; 1096 } 1097 $string = $protocol . $string; 1098 } 1086 1099 1087 1100 return $string;
Note: See TracChangeset
for help on using the changeset viewer.