WordPress.org

Make WordPress Core

Changeset 38159


Ignore:
Timestamp:
07/26/2016 11:23:21 PM (3 years ago)
Author:
azaozz
Message:

TinyMCE, inline link:

  • Remove proxying through WordPress to test if an URL exists.
  • Fix and enhance the regex that tests if the URL is well formed.

Fixes #36638.

Location:
trunk/src
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/admin-ajax.php

    r38118 r38159  
    6565    'press-this-add-category', 'crop-image', 'generate-password', 'save-wporg-username', 'delete-plugin',
    6666    'search-plugins', 'search-install-plugins', 'activate-plugin', 'update-theme', 'delete-theme',
    67     'install-theme', 'test_url', 'get-post-thumbnail-html',
     67    'install-theme', 'get-post-thumbnail-html',
    6868);
    6969
  • trunk/src/wp-admin/includes/ajax-actions.php

    r38126 r38159  
    38873887    wp_send_json_success( $status );
    38883888}
    3889 
    3890 /**
    3891  * Ajax handler for testing if a URL exists.
    3892  *
    3893  * Used in the editor.
    3894  *
    3895  * @since 4.6.0
    3896  */
    3897 function wp_ajax_test_url() {
    3898     if ( ! current_user_can( 'edit_posts' ) || ! wp_verify_nonce( $_POST['nonce'], 'wp-test-url' ) ) {
    3899         wp_send_json_error();
    3900     }
    3901 
    3902     $href = esc_url_raw( $_POST['href'] );
    3903 
    3904     // Relative URL
    3905     if ( strpos( $href, '//' ) !== 0 && in_array( $href[0], array( '/', '#', '?' ), true ) ) {
    3906         $href = get_bloginfo( 'url' ) . $href;
    3907     }
    3908 
    3909     // No redirects
    3910     $response = wp_safe_remote_get( $href, array(
    3911         'timeout' => 15,
    3912         // Use an explicit user-agent
    3913         'user-agent' => 'WordPress URL Test',
    3914     ) );
    3915 
    3916     $error = false;
    3917 
    3918     if ( is_wp_error( $response ) ) {
    3919         if ( strpos( $response->get_error_message(), 'resolve host' ) !== false ) {
    3920             $error = true;
    3921         }
    3922     } elseif ( wp_remote_retrieve_response_code( $response ) === 404 ) {
    3923         $error = true;
    3924     }
    3925 
    3926     if ( $error ) {
    3927         wp_send_json_error( array( 'httpError' => true ) );
    3928     }
    3929 
    3930     wp_send_json_success();
    3931 }
  • trunk/src/wp-includes/class-wp-editor.php

    r38126 r38159  
    10661066            'Letter' => __( 'Letter' ),
    10671067            'Action' => __( 'Action' ),
    1068             'Warning: the link has been inserted but the destination cannot be reached.' => __( 'Warning: the link has been inserted but the destination cannot be reached.' ),
     1068            'Warning: the link has been inserted but may have errors. Please test it.' => __( 'Warning: the link has been inserted but may have errors. Please test it.' ),
    10691069            'To move focus to other buttons use Tab or the arrow keys. To return focus to the editor press Escape or use one of the buttons.' =>
    10701070                __( 'To move focus to other buttons use Tab or the arrow keys. To return focus to the editor press Escape or use one of the buttons.' ),
     
    12871287        <?php
    12881288
    1289         $has_wplink = in_array( 'wplink', self::$plugins, true );
    1290 
    1291         if ( $has_wplink ) {
    1292             echo '<input type="hidden" id="_wplink_urltest_nonce" value="' . wp_create_nonce( 'wp-test-url' ) . '" />';
    1293         }
    1294 
    1295         if ( $has_wplink || in_array( 'link', self::$qt_buttons, true ) ) {
     1289        if ( in_array( 'wplink', self::$plugins, true ) || in_array( 'link', self::$qt_buttons, true ) ) {
    12961290            self::wp_link_dialog();
    12971291        }
  • trunk/src/wp-includes/js/tinymce/plugins/wplink/plugin.js

    r38126 r38159  
    9494        var doingUndoRedoTimer;
    9595        var $ = window.jQuery;
    96         var urlErrors = {};
    9796        var emailRegex = /^(mailto:)?[a-z0-9._%+-]+@[a-z0-9][a-z0-9.-]*\.[a-z]{2,63}$/i;
     97        var urlRegex1 = /^https?:\/\/([^\s/?.#-][^\s\/?.#]*\.?)+(\/[^\s"]*)?$/i;
     98        var urlRegex2 = /^https?:\/\/[^\/]+\.[^\/]+($|\/)/i;
    9899        var speak = ( typeof window.wp !== 'undefined' && window.wp.a11y && window.wp.a11y.speak ) ? window.wp.a11y.speak : function() {};
    99100        var hasLinkError = false;
     
    151152        }
    152153
    153         function setLinkError( $link ) {
    154             hasLinkError = true;
    155             $link.attr( 'data-wplink-url-error', 'true' );
    156             speak( editor.translate( 'Warning: the link has been inserted but the destination cannot be reached.' ), 'assertive' );
    157 
    158             if ( toolbar && toolbar.visible() ) {
    159                 toolbar.$el.find( '.wp-link-preview a' ).addClass( 'wplink-url-error' );
    160             }
    161         }
    162 
    163154        function checkLink( node ) {
    164155            var $link = editor.$( node );
     
    171162            hasLinkError = false;
    172163
    173             if ( /^http/i.test( href ) && ! /^https?:\/\/[a-z0-9][a-z0-9.-]*\.[a-z]{2,63}(\/|$)/i.test( href ) ) {
    174                 urlErrors[href] = true;
    175             }
    176 
    177             if ( urlErrors.hasOwnProperty( href ) ) {
    178                 setLinkError( $link );
    179                 return;
     164            if ( /^http/i.test( href ) && ( ! urlRegex1.test( href ) || ! urlRegex2.test( href ) ) ) {
     165                hasLinkError = true;
     166                $link.attr( 'data-wplink-url-error', 'true' );
     167                speak( editor.translate( 'Warning: the link has been inserted but may have errors. Please test it.' ), 'assertive' );
    180168            } else {
    181169                $link.removeAttr( 'data-wplink-url-error' );
    182170            }
    183 
    184             $.post(
    185                 window.ajaxurl, {
    186                     action: 'test_url',
    187                     nonce: $( '#_wplink_urltest_nonce' ).val(),
    188                     href: href
    189                 },
    190                 'json'
    191             ).done( function( response ) {
    192                 if ( response.success ) {
    193                     return;
    194                 }
    195 
    196                 if ( response.data && response.data.httpError ) {
    197                     urlErrors[href] = true;
    198                     setLinkError( $link );
    199                 }
    200             });
    201171        }
    202172
Note: See TracChangeset for help on using the changeset viewer.