WordPress.org

Make WordPress Core

Changeset 45996


Ignore:
Timestamp:
09/04/2019 05:47:51 PM (6 weeks ago)
Author:
SergeyBiryukov
Message:

Improve handling the existing rel attribute in wp_rel_nofollow_callback().

Merges [45990] to the 4.7 branch.
Props xknown, sstoqnov.

Location:
branches/4.7
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • branches/4.7

  • branches/4.7/src/wp-includes/formatting.php

    r44838 r45996  
    27312731function wp_rel_nofollow_callback( $matches ) {
    27322732    $text = $matches[1];
    2733     $atts = shortcode_parse_atts( $matches[1] );
     2733    $atts = wp_kses_hair( $matches[1], wp_allowed_protocols() );
    27342734    $rel  = 'nofollow';
    27352735
    27362736    if ( ! empty( $atts['href'] ) ) {
    2737         if ( in_array( strtolower( wp_parse_url( $atts['href'], PHP_URL_SCHEME ) ), array( 'http', 'https' ), true ) ) {
    2738             if ( strtolower( wp_parse_url( $atts['href'], PHP_URL_HOST ) ) === strtolower( wp_parse_url( home_url(), PHP_URL_HOST ) ) ) {
     2737        if ( in_array( strtolower( wp_parse_url( $atts['href']['value'], PHP_URL_SCHEME ) ), array( 'http', 'https' ), true ) ) {
     2738            if ( strtolower( wp_parse_url( $atts['href']['value'], PHP_URL_HOST ) ) === strtolower( wp_parse_url( home_url(), PHP_URL_HOST ) ) ) {
    27392739                return "<a $text>";
    27402740            }
     
    27432743
    27442744    if ( ! empty( $atts['rel'] ) ) {
    2745         $parts = array_map( 'trim', explode( ' ', $atts['rel'] ) );
     2745        $parts = array_map( 'trim', explode( ' ', $atts['rel']['value'] ) );
    27462746        if ( false === array_search( 'nofollow', $parts ) ) {
    27472747            $parts[] = 'nofollow';
     
    27522752        $html = '';
    27532753        foreach ( $atts as $name => $value ) {
    2754             $html .= "{$name}=\"" . esc_attr( $value ) . "\" ";
     2754            if ( isset( $value['vless'] ) && 'y' === $value['vless'] ) {
     2755                $html .= $name . ' ';
     2756            } else {
     2757                $html .= "{$name}=\"" . esc_attr( $value['value'] ) . '" ';
     2758            }
    27552759        }
    27562760        $text = trim( $html );
  • branches/4.7/tests/phpunit/tests/formatting/WPRelNoFollow.php

    r36125 r45996  
    7575        );
    7676    }
     77
     78    public function test_append_no_follow_with_valueless_attribute() {
     79        $content = '<p>This is some cool <a href="demo.com" download rel="hola">Code</a></p>';
     80        $expected = '<p>This is some cool <a href=\"demo.com\" download rel=\"hola nofollow\">Code</a></p>';
     81        $this->assertEquals( $expected, wp_rel_nofollow( $content ) );
     82    }
    7783}
Note: See TracChangeset for help on using the changeset viewer.