Changeset 48132 for trunk/src/wp-includes/kses.php
- Timestamp:
- 06/23/2020 05:05:57 AM (4 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/kses.php
r48121 r48132 1262 1262 switch ( $mode ) { 1263 1263 case 0: 1264 if ( preg_match( '/^([ -a-zA-Z:]+)/', $attr, $match ) ) {1264 if ( preg_match( '/^([_a-zA-Z][-_a-zA-Z0-9:.]*)/', $attr, $match ) ) { 1265 1265 $attrname = $match[1]; 1266 1266 $working = 1; 1267 1267 $mode = 1; 1268 $attr = preg_replace( '/^[ -a-zA-Z:]+/', '', $attr );1268 $attr = preg_replace( '/^[_a-zA-Z][-_a-zA-Z0-9:.]*/', '', $attr ); 1269 1269 } 1270 1270 … … 1452 1452 // phpcs:disable Squiz.Strings.ConcatenationSpacing.PaddingFound -- don't remove regex indentation 1453 1453 $regex = 1454 '(?:'1455 . '[-a-zA-Z:]+' // Attribute name.1456 . '|'1457 . '\[\[?[^\[\]]+\]\]?' // Shortcode in the name position implies unfiltered_html.1458 . ')'1459 . '(?:' // Attribute value.1460 . '\s*=\s*' // All values begin with '='.1461 . '(?:'1462 . '"[^"]*"' // Double-quoted.1463 . '|'1464 . "'[^']*'" // Single-quoted.1465 . '|'1466 . '[^\s"\']+' // Non-quoted.1467 . '(?:\s|$)' // Must have a space.1468 . ')'1469 . '|'1470 . '(?:\s|$)' // If attribute has no value, space is required.1471 . ')'1472 . '\s*'; // Trailing space is optional except as mentioned above.1454 '(?:' 1455 . '[_a-zA-Z][-_a-zA-Z0-9:.]*' // Attribute name. 1456 . '|' 1457 . '\[\[?[^\[\]]+\]\]?' // Shortcode in the name position implies unfiltered_html. 1458 . ')' 1459 . '(?:' // Attribute value. 1460 . '\s*=\s*' // All values begin with '='. 1461 . '(?:' 1462 . '"[^"]*"' // Double-quoted. 1463 . '|' 1464 . "'[^']*'" // Single-quoted. 1465 . '|' 1466 . '[^\s"\']+' // Non-quoted. 1467 . '(?:\s|$)' // Must have a space. 1468 . ')' 1469 . '|' 1470 . '(?:\s|$)' // If attribute has no value, space is required. 1471 . ')' 1472 . '\s*'; // Trailing space is optional except as mentioned above. 1473 1473 // phpcs:enable 1474 1474
Note: See TracChangeset
for help on using the changeset viewer.