Changeset 42314 for branches/3.7

Timestamp:

11/29/2017 04:51:21 PM (8 years ago)

Author:

johnbillion

Message:

Hardening: Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds.

Merges [42260] to the 3.7 branch.

Location:

branches/3.7

Files:

• . (modified) (1 prop)
• src (modified) (1 prop)
• src/wp-includes/feed.php (modified) (2 diffs)

branches/3.7/src/wp-includes/feed.php

@@ -396 +396 @@
                 $type = $t[0];
 
-                echo apply_filters('rss_enclosure', '<enclosure url="' . trim(htmlspecialchars($enclosure[0])) . '" length="' . trim($enclosure[1]) . '" type="' . $type . '" />' . "\n");
+                echo apply_filters( 'rss_enclosure', '<enclosure url="' . esc_url( trim( $enclosure[0] ) ) . '" length="' . absint( trim( $enclosure[1] ) ) . '" type="' . esc_attr( $type ) . '" />' . "\n" );
             }
         }
@@ -427 +427 @@
             foreach ( (array) $val as $enc ) {
                 $enclosure = explode("\n", $enc);
-                echo apply_filters('atom_enclosure', '<link href="' . trim(htmlspecialchars($enclosure[0])) . '" rel="enclosure" length="' . trim($enclosure[1]) . '" type="' . trim($enclosure[2]) . '" />' . "\n");
+                echo apply_filters( 'atom_enclosure', '<link href="' . esc_url( trim( $enclosure[0] ) ) . '" rel="enclosure" length="' . absint( trim( $enclosure[1] ) ) . '" type="' . esc_attr( trim( $enclosure[2] ) ) . '" />' . "\n" );
             }
         }