WordPress.org

Make WordPress Core

Changeset 24642


Ignore:
Timestamp:
07/10/13 13:45:22 (9 months ago)
Author:
nacin
Message:

Skip protocol checking in esc_url() when we are dealing with a relative URL. Prevents munging of colons in paths and query strings, when present in a protocol-relative URL.

props SergeyBiryukov.
fixes #21974.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/formatting.php

    r24582 r24642  
    26462646    } 
    26472647 
    2648     if ( ! is_array( $protocols ) ) 
    2649         $protocols = wp_allowed_protocols(); 
    2650     $good_protocol_url = wp_kses_bad_protocol( $url, $protocols ); 
    2651     if ( strtolower( $good_protocol_url ) != strtolower( $url ) ) 
    2652         return ''; 
     2648    if ( '/' === $url[0] ) { 
     2649        $good_protocol_url = $url; 
     2650    } else { 
     2651        if ( ! is_array( $protocols ) ) 
     2652            $protocols = wp_allowed_protocols(); 
     2653        $good_protocol_url = wp_kses_bad_protocol( $url, $protocols ); 
     2654        if ( strtolower( $good_protocol_url ) != strtolower( $url ) ) 
     2655            return ''; 
     2656    } 
    26532657 
    26542658    return apply_filters('clean_url', $good_protocol_url, $original_url, $_context); 
Note: See TracChangeset for help on using the changeset viewer.