WordPress.org

Make WordPress Core


Ignore:
Timestamp:
10/13/2015 03:21:13 AM (5 years ago)
Author:
wonderboymusic
Message:

Fotmatting: in sanitize_file_name(), escape % when uploads contain them, otherwise attachment URLs will unescape the char and break.

Adds unit tests.

Props mordauk, simonwheatley, dd32, solarissmoke.
Fixes #16226.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/formatting.php

    r34920 r35122  
    13691369function sanitize_file_name( $filename ) {
    13701370    $filename_raw = $filename;
    1371     $special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", chr(0));
     1371    $special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", "%", "+", chr(0));
    13721372    /**
    13731373     * Filter the list of characters to remove from a filename.
Note: See TracChangeset for help on using the changeset viewer.