From 3d40bbeef53997aeb9f046ae420c13144e40bd73 Mon Sep 17 00:00:00 2001
From: Jake Spurlock <whyisjake@git.wordpress.org>
Date: Wed, 18 Sep 2019 23:37:08 +0000
Subject: [PATCH] Add SMS to the list of allowed protocols.

This commit expands the list of allowed protocols. It adds the `sms://` which can be used to open meessaging clients for mobile users.

Props rilwis, kraftbj

Fixes #39415


git-svn-id: https://develop.svn.wordpress.org/trunk@46172 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-includes/functions.php                      | 9 +++++----
 tests/phpunit/tests/functions/allowedProtocols.php | 1 +
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/wp-includes/functions.php b/src/wp-includes/functions.php
index f3f9c5ff0f..035347e1ed 100644
--- a/src/wp-includes/functions.php
+++ b/src/wp-includes/functions.php
@@ -5983,6 +5983,7 @@ function send_frame_options_header() {
  * @since 3.3.0
  * @since 4.3.0 Added 'webcal' to the protocols array.
  * @since 4.7.0 Added 'urn' to the protocols array.
+ * @since 5.3.0 Added 'sms' to the protocols array.
  *
  * @see wp_kses()
  * @see esc_url()
@@ -5991,15 +5992,15 @@ function send_frame_options_header() {
  *
  * @return string[] Array of allowed protocols. Defaults to an array containing 'http', 'https',
  *                  'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet',
- *                  'mms', 'rtsp', 'svn', 'tel', 'fax', 'xmpp', 'webcal', and 'urn'. This covers
- *                  all common link protocols, except for 'javascript' which should not be
- *                  allowed for untrusted users.
+ *                  'mms', 'rtsp', 'sms', 'svn', 'tel', 'fax', 'xmpp', 'webcal', and 'urn'.
+ *                  This covers all common link protocols, except for 'javascript' which should not
+ *                  be allowed for untrusted users.
  */
 function wp_allowed_protocols() {
 	static $protocols = array();
 
 	if ( empty( $protocols ) ) {
-		$protocols = array( 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn', 'tel', 'fax', 'xmpp', 'webcal', 'urn' );
+		$protocols = array( 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'sms', 'svn', 'tel', 'fax', 'xmpp', 'webcal', 'urn' );
 	}
 
 	if ( ! did_action( 'wp_loaded' ) ) {
diff --git a/tests/phpunit/tests/functions/allowedProtocols.php b/tests/phpunit/tests/functions/allowedProtocols.php
index 5b32972cc7..992ccee86c 100644
--- a/tests/phpunit/tests/functions/allowedProtocols.php
+++ b/tests/phpunit/tests/functions/allowedProtocols.php
@@ -53,6 +53,7 @@ class Tests_Functions_AllowedProtocols extends WP_UnitTestCase {
 			array( 'rtsp', 'rtsp://media.example.com:554/wordpress/audiotrack' ), // RFC2326
 			array( 'svn', 'svn://core.svn.wordpress.org/' ),
 			array( 'tel', 'tel:+1-234-567-8910' ), // RFC3966
+			array( 'sms', 'sms:+1-234-567-8910' ), // RFC3966
 			array( 'fax', 'fax:+123.456.78910' ), // RFC2806/RFC3966
 			array( 'xmpp', 'xmpp://guest@example.com' ), // RFC5122
 			array( 'webcal', 'webcal://example.com/calendar.ics' ),