Plugin installer beaks https URLs

[sirzooro]

From plugin installer search for plugin which has https link(s) in its readme.txt (e.g. AntiVirus). When you show details for such plugin, all https links will be broken - they will be prefixed by link to plugin's page in repository. I am not sure if API returns such links, or this prefix is added on WP side.

These link(s) are displayed correctly on wordpress.org plugin's page.

[SergeyBiryukov]

Links in plugin descriptions go through links_add_base_url().

The problem is that _links_add_base() only checks for http:
​http://core.trac.wordpress.org/browser/tags/3.3/wp-includes/formatting.php#L2815

[duck_]

19665.2.diff​ doesn't prepend anything that starts with a protocol like string (e.g. mailto:, irc:, svn:) and ensures that the URL actually begins with said protocol rather than just appearing somewhere in it.

[sirzooro]

@duck_: mailto protocol does not use slashes - e.g. mailto:someone@somewhere.com. So your path should look for ":" after word only.

[SergeyBiryukov]

19665.3.patch​ uses wp_allowed_protocols() for additional validation.

[duck_]

In [20466]:

Recognise protocols other than "http" in _links_add_base(). Props SergeyBiryukov. Fixes #19665.

Previously "https" URLs used in plugin READMEs displayed by install_plugin_information() would have the plugin's extend URL prepended.