Changes from trunk/wp-includes/kses.php at r18856 to branches/3.3/wp-includes/kses.php at r20541
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/3.3/wp-includes/kses.php
r18856 r20541 928 928 function wp_kses_bad_protocol($string, $allowed_protocols) { 929 929 $string = wp_kses_no_null($string); 930 $ string2 = $string.'a';931 932 while ($string != $string2){933 $ string2= $string;930 $iterations = 0; 931 932 do { 933 $original_string = $string; 934 934 $string = wp_kses_bad_protocol_once($string, $allowed_protocols); 935 } # while 935 } while ( $original_string != $string && ++$iterations < 6 ); 936 937 if ( $original_string != $string ) 938 return ''; 936 939 937 940 return $string; … … 1032 1035 * @return string Sanitized content 1033 1036 */ 1034 function wp_kses_bad_protocol_once($string, $allowed_protocols ) {1037 function wp_kses_bad_protocol_once($string, $allowed_protocols, $count = 1 ) { 1035 1038 $string2 = preg_split( '/:|�*58;|�*3a;/i', $string, 2 ); 1036 if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) ) 1037 $string = wp_kses_bad_protocol_once2( $string2[0], $allowed_protocols ) . trim( $string2[1] ); 1039 if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) ) { 1040 $string = trim( $string2[1] ); 1041 $protocol = wp_kses_bad_protocol_once2( $string2[0], $allowed_protocols ); 1042 if ( 'feed:' == $protocol ) { 1043 if ( $count > 2 ) 1044 return ''; 1045 $string = wp_kses_bad_protocol_once( $string, $allowed_protocols, ++$count ); 1046 if ( empty( $string ) ) 1047 return $string; 1048 } 1049 $string = $protocol . $string; 1050 } 1038 1051 1039 1052 return $string;
Note: See TracChangeset
for help on using the changeset viewer.