WordPress.org

Make WordPress Core

Opened 6 years ago

Closed 6 years ago

#8517 closed defect (bug) (duplicate)

Regex Failure in check_comment()

Reported by: miqrogroove
Owned by: ryan
Milestone: (none)
Priority: highest omg bbq
Severity: major
Version: 2.6.1
Component: Security
Keywords: miqrogroove, spam, blogyul, security
Focuses: (none)
Cc: (none)

Description

"Hold a comment in the queue if it contains 1 or more links." This setting does not work. Comments with links are being posted without moderation.

At the top of comment.php, WordPress is using the wrong regex:

"|(href\t*?=\t*?['\"]?)?(https?:)?|i"

This is the wrong pattern because WordPress is much more liberal about displaying links in comments.

default-filters.php calls

add_filter('comment_text', 'make_clickable', 9);

And in formatting.php we have

function make_clickable($ret) {
    $ret = ' ' . $ret;
    // in testing, using arrays here was found to be faster
    $ret = preg_replace_callback('#([\s>])([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*)#is', '_make_url_clickable_cb', $ret);
    $ret = preg_replace_callback('#([\s>])((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*)#is', '_make_web_ftp_clickable_cb', $ret);
    $ret = preg_replace_callback('#([\s>])([.0-9a-z_+-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,})#i', '_make_email_clickable_cb', $ret);
    // this one is not in an array because we need it to run last, for cleanup of accidental links within links
    $ret = preg_replace("#(<a( [^>]+?>|>))<a [^>]+?>([^>]+?)</a>#i", "$1$3", $ret);
    $ret = trim($ret);
    return $ret;
}

Now contrast this against the filter being used by check_comment(), which is only "|(href\t*?=\t*?['\"]?)?(https?:)?|i"

Copied from http://wordpress.org/support/topic/222956
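Added example, not WordPress code: it puts a narrow "link" test side by side with the three auto-link patterns copied from the make_clickable() quoted above, so the gap the ticket describes is visible on concrete input. count_scheme_links() is a hypothetical stand-in for check_comment()'s href/http test, written so it cannot match an empty string; the sample comments are constructed.

```php
<?php
// Added example (not WordPress code): compare what a narrow "link" test counts
// against what make_clickable() will actually turn into links when the comment
// is displayed. Anything the second count sees that the first does not is a
// link that reaches the page without ever being counted towards moderation.

// The three auto-link patterns, copied from the make_clickable() quoted above.
const MAKE_CLICKABLE_PATTERNS = [
    '#([\s>])([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*)#is',         // scheme://...
    '#([\s>])((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*)#is',        // bare www. / ftp.
    '#([\s>])([.0-9a-z_+-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,})#i',  // e-mail -> mailto:
];

// Hypothetical stand-in for check_comment()'s test: count only an explicit
// href= attribute or an http:/https: scheme. The href branch swallows a
// following scheme so <a href="http://..."> is counted once, not twice.
function count_scheme_links(string $comment): int {
    return (int) preg_match_all('#href\t*=\t*[\'"]?(?:https?:)?|https?:#i', $comment);
}

// Count every substring that make_clickable() would wrap in <a>. The leading
// space mirrors make_clickable(), which prepends ' ' so a link at the very
// start of the comment still has the required [\s>] in front of it.
function count_rendered_links(string $comment): int {
    $comment = ' ' . $comment;
    $total = 0;
    foreach (MAKE_CLICKABLE_PATTERNS as $pattern) {
        $total += (int) preg_match_all($pattern, $comment);
    }
    return $total;
}

// Constructed sample comments.
$samples = [
    'Check out http://example.com/offer',                    // 1 / 1: both tests agree
    'Check out www.example.com/offer and ftp.example.org',   // 0 / 2: not held, yet rendered as two links
    'mail me at someone@example.com',                        // 0 / 1: rendered as a mailto: link
];

foreach ($samples as $comment) {
    printf("%-55s scheme-links=%d  rendered-links=%d\n",
        $comment, count_scheme_links($comment), count_rendered_links($comment));
}
```

The moderation-time count only stays meaningful if it recognises the same forms the rendering-time filter will linkify; otherwise the second and third samples pass the "hold if 1 or more links" threshold untouched.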

Change History (4)

comment:1 @miqrogroove 6 years ago

  • Resolution set to duplicate
  • Status changed from new to closed

Please mark duplicate of #7821. I found this fixed in SVN at revision 9782.

comment:2 @jacobsantos 6 years ago

  • Milestone 2.7 deleted

comment:3 @miqrogroove 6 years ago

  • Milestone set to 2.7.1
  • Resolution duplicate deleted
  • Status changed from closed to reopened

NOT FIXED in 2.7! I will post details as I find them.

comment:4 @miqrogroove 6 years ago

  • Milestone 2.7.1 deleted
  • Resolution set to duplicate
  • Status changed from reopened to closed

bah, false alarm. I could have sworn this was acting up again...
