Make WordPress Core


Ignore:
Timestamp:
02/11/2015 07:10:46 PM (10 years ago)
Author:
wonderboymusic
Message:

Protect <pre> tags when parsing oEmbed responses in WP_oEmbed::_strip_newlines() in DOMDocument is available.

Fixes #31214.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/class-oembed.php

    r31413 r31415  
    560560     */
    561561    public function _strip_newlines( $html, $data, $url ) {
    562         if ( false !== strpos( $html, "\n" ) )
    563             $html = str_replace( array( "\r\n", "\n" ), '', $html );
    564 
    565         return $html;
     562        if ( false === strpos( $html, "\n" ) ) {
     563            return $html;
     564        }
     565
     566        $pre = array();
     567        $tokens = array();
     568        if ( class_exists( 'DOMDocument' ) ) {
     569            $token = '__PRE__';
     570            $replace = array();
     571            $dom = new DOMDocument();
     572            $dom->loadHTML( $html );
     573            $tags = $dom->getElementsByTagName( 'pre' );
     574            foreach ( $tags as $i => $tag ) {
     575                $tag_html = $dom->saveHTML( $tag );
     576                $tag_token = $token . $i;
     577                $replace[ $tag_token ] = $tag_html;
     578                $html = str_replace( $tag_html, $tag_token, $html );
     579            }
     580            $pre = array_values( $replace );
     581            $tokens = array_keys( $replace );
     582        }
     583
     584        $stripped = str_replace( array( "\r\n", "\n" ), '', $html );
     585        return str_replace( $tokens, $pre, $stripped );
    566586    }
    567587}
Note: See TracChangeset for help on using the changeset viewer.