WordPress.org

Make WordPress Core

Changeset 45993


Ignore:
Timestamp:
09/04/2019 05:46:02 PM (3 weeks ago)
Author:
SergeyBiryukov
Message:

Improve handling the existing rel attribute in wp_rel_nofollow_callback().

Merges [45990] to the 5.0 branch.
Props xknown, sstoqnov.

Location:
branches/5.0
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • branches/5.0

  • branches/5.0/src/wp-includes/formatting.php

    r44835 r45993  
    27482748function wp_rel_nofollow_callback( $matches ) {
    27492749    $text = $matches[1];
    2750     $atts = shortcode_parse_atts( $matches[1] );
     2750    $atts = wp_kses_hair( $matches[1], wp_allowed_protocols() );
    27512751    $rel  = 'nofollow';
    27522752
    27532753    if ( ! empty( $atts['href'] ) ) {
    2754         if ( in_array( strtolower( wp_parse_url( $atts['href'], PHP_URL_SCHEME ) ), array( 'http', 'https' ), true ) ) {
    2755             if ( strtolower( wp_parse_url( $atts['href'], PHP_URL_HOST ) ) === strtolower( wp_parse_url( home_url(), PHP_URL_HOST ) ) ) {
     2754        if ( in_array( strtolower( wp_parse_url( $atts['href']['value'], PHP_URL_SCHEME ) ), array( 'http', 'https' ), true ) ) {
     2755            if ( strtolower( wp_parse_url( $atts['href']['value'], PHP_URL_HOST ) ) === strtolower( wp_parse_url( home_url(), PHP_URL_HOST ) ) ) {
    27562756                return "<a $text>";
    27572757            }
     
    27602760
    27612761    if ( ! empty( $atts['rel'] ) ) {
    2762         $parts = array_map( 'trim', explode( ' ', $atts['rel'] ) );
     2762        $parts = array_map( 'trim', explode( ' ', $atts['rel']['value'] ) );
    27632763        if ( false === array_search( 'nofollow', $parts ) ) {
    27642764            $parts[] = 'nofollow';
     
    27692769        $html = '';
    27702770        foreach ( $atts as $name => $value ) {
    2771             $html .= "{$name}=\"" . esc_attr( $value ) . "\" ";
     2771            if ( isset( $value['vless'] ) && 'y' === $value['vless'] ) {
     2772                $html .= $name . ' ';
     2773            } else {
     2774                $html .= "{$name}=\"" . esc_attr( $value['value'] ) . '" ';
     2775            }
    27722776        }
    27732777        $text = trim( $html );
  • branches/5.0/tests/phpunit/tests/formatting/WPRelNoFollow.php

    r36125 r45993  
    7575        );
    7676    }
     77
     78    public function test_append_no_follow_with_valueless_attribute() {
     79        $content = '<p>This is some cool <a href="demo.com" download rel="hola">Code</a></p>';
     80        $expected = '<p>This is some cool <a href=\"demo.com\" download rel=\"hola nofollow\">Code</a></p>';
     81        $this->assertEquals( $expected, wp_rel_nofollow( $content ) );
     82    }
    7783}
Note: See TracChangeset for help on using the changeset viewer.