Context Navigation

← Previous Change
Next Change →

kses.php

Timestamp:

12/12/2019 06:27:33 PM (6 years ago)

Author:

SergeyBiryukov

Message:

Update wp_kses_bad_protocol() to recognize &colon; on uri attributes,

wp_kses_bad_protocol() makes sure to validate that uri attributes don’t contain invalid/or not allowed protocols. While this works fine in most cases, there’s a risk that by using the colon html5 named entity, one is able to bypass this function.

Brings r46895 to the 3.8 branch.

Props: xknown, nickdaugherty, peterwilsoncc.

Location:

branches/3.8

Files:

: 2 edited

. (modified) (1 prop)
src/wp-includes/kses.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

branches/3.8
- Property svn:mergeinfo changed
  /trunk merged: 46895

branches/3.8/src/wp-includes/kses.php

r46018	r46904
1310	1310	function wp_kses_bad_protocol_once($string, $allowed_protocols, $count = 1 ) {
1311	1311	$string = preg_replace( '/(&#058(?![;0-9])\|&#x03a(?![;a-f0-9]))/i', '$1;', $string );
1312		$string2 = preg_split( '/:\|&#058;\|&#x03a;/i', $string, 2 );
	1312	$string2 = preg_split( '/:\|&#058;\|&#x03a;\|&colon;/i', $string, 2 );
1313	1313	if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) ) {
1314	1314	$string = trim( $string2[1] );

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Make WordPress Core

Context Navigation

Changeset 46904 for branches/3.8/src/wp-includes/kses.php

Legend:

branches/3.8

branches/3.8/src/wp-includes/kses.php

Download in other formats: