WordPress.org

Make WordPress Core

Changeset 45991


Ignore:
Timestamp:
09/04/2019 05:38:51 PM (2 months ago)
Author:
SergeyBiryukov
Message:

Improve handling the existing rel attribute in wp_rel_nofollow_callback().

Merges [45990] to the 5.2 branch.
Props xknown, sstoqnov.

Location:
branches/5.2
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • branches/5.2

  • branches/5.2/src/wp-includes/formatting.php

    r45837 r45991  
    30023002function wp_rel_nofollow_callback( $matches ) {
    30033003    $text = $matches[1];
    3004     $atts = shortcode_parse_atts( $matches[1] );
     3004    $atts = wp_kses_hair( $matches[1], wp_allowed_protocols() );
    30053005    $rel  = 'nofollow';
    30063006
    30073007    if ( ! empty( $atts['href'] ) ) {
    3008         if ( in_array( strtolower( wp_parse_url( $atts['href'], PHP_URL_SCHEME ) ), array( 'http', 'https' ), true ) ) {
    3009             if ( strtolower( wp_parse_url( $atts['href'], PHP_URL_HOST ) ) === strtolower( wp_parse_url( home_url(), PHP_URL_HOST ) ) ) {
     3008        if ( in_array( strtolower( wp_parse_url( $atts['href']['value'], PHP_URL_SCHEME ) ), array( 'http', 'https' ), true ) ) {
     3009            if ( strtolower( wp_parse_url( $atts['href']['value'], PHP_URL_HOST ) ) === strtolower( wp_parse_url( home_url(), PHP_URL_HOST ) ) ) {
    30103010                return "<a $text>";
    30113011            }
     
    30143014
    30153015    if ( ! empty( $atts['rel'] ) ) {
    3016         $parts = array_map( 'trim', explode( ' ', $atts['rel'] ) );
     3016        $parts = array_map( 'trim', explode( ' ', $atts['rel']['value'] ) );
    30173017        if ( false === array_search( 'nofollow', $parts ) ) {
    30183018            $parts[] = 'nofollow';
     
    30233023        $html = '';
    30243024        foreach ( $atts as $name => $value ) {
    3025             $html .= "{$name}=\"" . esc_attr( $value ) . '" ';
     3025            if ( isset( $value['vless'] ) && 'y' === $value['vless'] ) {
     3026                $html .= $name . ' ';
     3027            } else {
     3028                $html .= "{$name}=\"" . esc_attr( $value['value'] ) . '" ';
     3029            }
    30263030        }
    30273031        $text = trim( $html );
  • branches/5.2/tests/phpunit/tests/formatting/WPRelNoFollow.php

    r42343 r45991  
    7575        );
    7676    }
     77
     78    public function test_append_no_follow_with_valueless_attribute() {
     79        $content = '<p>This is some cool <a href="demo.com" download rel="hola">Code</a></p>';
     80        $expected = '<p>This is some cool <a href=\"demo.com\" download rel=\"hola nofollow\">Code</a></p>';
     81        $this->assertEquals( $expected, wp_rel_nofollow( $content ) );
     82    }
    7783}
Note: See TracChangeset for help on using the changeset viewer.