Opened 12 years ago
Closed 12 years ago
#24092 closed defect (bug) (fixed)
Embed handlers for the audio and video shortcodes are too permissive
Reported by: | kovshenin | Owned by: | SergeyBiryukov |
---|---|---|---|
Milestone: | 3.6 | Priority: | normal |
Severity: | normal | Version: | 3.6 |
Component: | Media | Keywords: | has-patch commit |
Focuses: | Cc: |
Description (last modified by )
The regex patterns in the audio and video embed handlers introduced in [23729], do not contain the beginning and end of string markers (^
and $
) and will thus match things such as:
http://example.org/wp-content/uploads/directory.mp3/file.php
Not a big deal, but it probably shouldn't.
Attachments (2)
Change History (7)
#4
@
12 years ago
In 24092.2.diff:
- Add the pattern start/end markers
- Per @SergeyBiryukov move registration to
wp_maybe_load_embeds
- Rename both handler functions to match the
wp_embed_handler_*
pattern - Move handler functions closer to
wp_embed_handler_googlevideo
Note: See
TracTickets for help on using
tickets.
Shouldn't
wp_audio_embed()
andwp_video_embed()
handlers registration be moved towp_maybe_load_embeds()
?http://core.trac.wordpress.org/browser/tags/3.5.1/wp-includes/media.php#L1074