From a245ff9c543504cfbcf7a21fd211eb4b6ccd754c Mon Sep 17 00:00:00 2001
From: "Dominik Schilling (ocean90)" <ocean90@git.wordpress.org>
Date: Fri, 30 Sep 2016 13:14:54 +0000
Subject: [PATCH] Add 'urn' to the list of URI protocols whitelisted by
 default.

Props geekysoft, jorbin.
Fixes #37300.

git-svn-id: https://develop.svn.wordpress.org/trunk@38686 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-includes/functions.php                      | 5 +++--
 tests/phpunit/tests/functions/allowedProtocols.php | 1 +
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/wp-includes/functions.php b/src/wp-includes/functions.php
index 5b3b1241a9..292abf9355 100644
--- a/src/wp-includes/functions.php
+++ b/src/wp-includes/functions.php
@@ -4954,6 +4954,7 @@ function send_frame_options_header() {
  *
  * @since 3.3.0
  * @since 4.3.0 Added 'webcal' to the protocols array.
+ * @since 4.7.0 Added 'urn' to the protocols array.
  *
  * @see wp_kses()
  * @see esc_url()
@@ -4962,13 +4963,13 @@ function send_frame_options_header() {
  *
  * @return array Array of allowed protocols. Defaults to an array containing 'http', 'https',
  *               'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet',
- *               'mms', 'rtsp', 'svn', 'tel', 'fax', 'xmpp', and 'webcal'.
+ *               'mms', 'rtsp', 'svn', 'tel', 'fax', 'xmpp', 'webcal', and 'urn'.
  */
 function wp_allowed_protocols() {
 	static $protocols = array();
 
 	if ( empty( $protocols ) ) {
-		$protocols = array( 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn', 'tel', 'fax', 'xmpp', 'webcal' );
+		$protocols = array( 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn', 'tel', 'fax', 'xmpp', 'webcal', 'urn' );
 
 		/**
 		 * Filters the list of protocols allowed in HTML attributes.
diff --git a/tests/phpunit/tests/functions/allowedProtocols.php b/tests/phpunit/tests/functions/allowedProtocols.php
index 77c04d4522..16540c72d9 100644
--- a/tests/phpunit/tests/functions/allowedProtocols.php
+++ b/tests/phpunit/tests/functions/allowedProtocols.php
@@ -56,6 +56,7 @@ class Tests_Functions_AllowedProtocols extends WP_UnitTestCase {
 			array( 'fax', 'fax:+123.456.78910' ), // RFC2806/RFC3966
 			array( 'xmpp', 'xmpp://guest@example.com' ), // RFC5122
 			array( 'webcal', 'webcal://example.com/calendar.ics' ),
+			array( 'urn', 'urn:uuid:6e8bc430-9c3a-11d9-9669-0800200c9a66' ), // RFC2141
 		);
 	}
 }