WordPress.org

Make WordPress Core

Changeset 44834


Ignore:
Timestamp:
03/12/2019 10:15:37 PM (8 months ago)
Author:
SergeyBiryukov
Message:

Formatting: Improve rel="nofollow" handling in comments.

Merges [44833] to the 5.1 branch.

Location:
branches/5.1
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • branches/5.1

  • branches/5.1/src/wp-includes/formatting.php

    r44731 r44834  
    30053005    $rel  = 'nofollow';
    30063006
    3007     if ( preg_match( '%href=["\'](' . preg_quote( set_url_scheme( home_url(), 'http' ) ) . ')%i', $text ) ||
    3008         preg_match( '%href=["\'](' . preg_quote( set_url_scheme( home_url(), 'https' ) ) . ')%i', $text ) ) {
    3009 
    3010         return "<a $text>";
     3007    if ( ! empty( $atts['href'] ) ) {
     3008        if ( in_array( strtolower( wp_parse_url( $atts['href'], PHP_URL_SCHEME ) ), array( 'http', 'https' ), true ) ) {
     3009            if ( strtolower( wp_parse_url( $atts['href'], PHP_URL_HOST ) ) === strtolower( wp_parse_url( home_url(), PHP_URL_HOST ) ) ) {
     3010                return "<a $text>";
     3011            }
     3012        }
    30113013    }
    30123014
     
    30213023        $html = '';
    30223024        foreach ( $atts as $name => $value ) {
    3023             $html .= "{$name}=\"$value\" ";
     3025            $html .= "{$name}=\"" . esc_attr( $value ) . "\" ";
    30243026        }
    30253027        $text = trim( $html );
    30263028    }
    3027     return "<a $text rel=\"$rel\">";
     3029    return "<a $text rel=\"" . esc_attr( $rel ) . "\">";
    30283030}
    30293031
Note: See TracChangeset for help on using the changeset viewer.