Changeset 30444
- Timestamp:
- 11/20/2014 02:00:56 PM (10 years ago)
- Location:
- branches/4.0
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/4.0
-
branches/4.0/src/wp-includes/http.php
r29230 r30444 445 445 */ 446 446 function wp_http_validate_url( $url ) { 447 $original_url = $url; 447 448 $url = wp_kses_bad_protocol( $url, array( 'http', 'https' ) ); 448 if ( ! $url )449 if ( ! $url || strtolower( $url ) !== strtolower( $original_url ) ) 449 450 return false; 450 451 … … 456 457 return false; 457 458 458 if ( false !== strp os( $parsed_url['host'], ':' ) )459 if ( false !== strpbrk( $parsed_url['host'], ':#?[]' ) ) 459 460 return false; 460 461 … … 474 475 if ( $ip ) { 475 476 $parts = array_map( 'intval', explode( '.', $ip ) ); 476 if ( '127.0.0.1' === $ip 477 || ( 10 === $parts[0] ) 477 if ( 127 === $parts[0] || 10 === $parts[0] 478 478 || ( 172 === $parts[0] && 16 <= $parts[1] && 31 >= $parts[1] ) 479 479 || ( 192 === $parts[0] && 168 === $parts[1] )
Note: See TracChangeset
for help on using the changeset viewer.