WordPress.org

Make WordPress Core

Changeset 7370


Ignore:
Timestamp:
03/18/08 01:53:36 (6 years ago)
Author:
ryan
Message:

Better protocol check from Łukasz Pilorz.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/kses.php

    r7337 r7370  
    833833    global $_kses_allowed_protocols; 
    834834    $_kses_allowed_protocols = $allowed_protocols; 
    835     return preg_replace_callback('/^((&[^;]*;|[\sA-Za-z0-9])*)'.'(:|:|&#[Xx]3[Aa];)\s*/', create_function('$matches', 'global $_kses_allowed_protocols; return wp_kses_bad_protocol_once2($matches[1], $_kses_allowed_protocols);'), $string); 
     835 
     836    $string2 = preg_split('/:|:|:/i', $string, 2); 
     837    if ( isset($string2[1]) && !preg_match('%/\?%', $string2[0]) ) 
     838        $string = wp_kses_bad_protocol_once2($string2[0], $allowed_protocols) . trim($string2[1]); 
     839    else 
     840        $string = preg_replace_callback('/^((&[^;]*;|[\sA-Za-z0-9])*)'.'(:|:|&#[Xx]3[Aa];)\s*/', create_function('$matches', 'global $_kses_allowed_protocols; return wp_kses_bad_protocol_once2($matches[1], $_kses_allowed_protocols);'), $string); 
     841 
     842    return $string; 
    836843} 
    837844 
Note: See TracChangeset for help on using the changeset viewer.