WordPress.org

Make WordPress Core

Opened 15 months ago

Last modified 14 months ago

#46791 reopened defect (bug)

esc_url() adding http:// to a relative URL to parent directory '../pathname/'

Reported by: OrangePixelNath Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 5.1
Component: Formatting Keywords: has-patch needs-testing
Focuses: Cc:

Description

esc_url() adds 'http://' when it shouldn't.

Line 4191 wp-includes/formatting.php states

If the URL doesn't appear to contain a scheme, we presume it needs http:// prepended (unless a relative link starting with /, # or ? or a php file).

This is prepending http:// to a relative url to a parent directory i.e. ../path-to-page/

Funtion needs ../ adding to the array or some regex code.

Attachments (2)

46791.diff (633 bytes) - added by subrataemfluence 15 months ago.
Proposed patch.
46791-2.diff (782 bytes) - added by subrataemfluence 15 months ago.
Corrected patch.

Download all attachments as: .zip

Change History (8)

#1 @SergeyBiryukov
15 months ago

  • Component changed from General to Formatting

@subrataemfluence
15 months ago

Proposed patch.

@subrataemfluence
15 months ago

Corrected patch.

#2 @OrangePixelNath
14 months ago

  • Resolution set to worksforme
  • Status changed from new to closed

#3 @OrangePixelNath
14 months ago

  • Keywords needs-patch added

#4 follow-up: @desrosj
14 months ago

  • Keywords has-patch added; needs-patch removed

@OrangePixelNath did you mean to close this ticket? If so, can you detail why? What did you discover that made your report incorrect or unnecessary?

#5 in reply to: ↑ 4 @OrangePixelNath
14 months ago

  • Resolution worksforme deleted
  • Status changed from closed to reopened

Replying to desrosj:

@OrangePixelNath did you mean to close this ticket? If so, can you detail why? What did you discover that made your report incorrect or unnecessary?

No sorry. I'm new to the system so didn't understand what was next.

#6 @desrosj
14 months ago

  • Keywords needs-testing added

No problem! That’s why I checked m :)

Next, the ticket stays open for community members to text and review.

Version 0, edited 14 months ago by desrosj (next)
Note: See TracTickets for help on using tickets.