WordPress.org

Make WordPress Core

Opened 4 years ago

Last modified 12 days ago

#24824 new defect (bug)

get_attached_file() treats fully qualified URLs as relative

Reported by: tobiaskochsonlinenet Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 2.7
Component: Media Keywords: dev-feedback has-patch
Focuses: Cc:

Description

If you call the function get_attached_file() of wp-include/post.php with a fully qualified URL (like "http://www.example.com/file.ext") it will prepend the upload directory.

Checking the file's URI for :// would prevent this.

!preg_match('|^://|', $file)

Attachments (1)

24824.diff (755 bytes) - added by stevenlinx 12 days ago.

Download all attachments as: .zip

Change History (6)

#1 @tobiaskochsonlinenet
4 years ago

Oops, actually the regular expression should read:

!preg_match('|://|', $file)

#2 @SergeyBiryukov
4 years ago

  • Version changed from trunk to 2.7

Related: [8796], [9242].

#3 @chriscct7
2 years ago

  • Keywords dev-feedback added

#4 @stevenlinx
12 days ago

  • Keywords has-patch removed

@stevenlinx
12 days ago

#5 @stevenlinx
12 days ago

  • Keywords has-patch added

1.)
Related: 36308 patch fixes Windows paths and also makes the expression more compact.

2.)
This patch, which adds on top of the patch above, also fixes URL paths by prevent an URL from going into the relative path conditional.

Note: See TracTickets for help on using tickets.