diff --git a/src/wp-admin/about.php b/src/wp-admin/about.php
index 1f387eb9b1..ef81bd3714 100644
--- a/src/wp-admin/about.php
+++ b/src/wp-admin/about.php
@@ -41,7 +41,7 @@ include( ABSPATH . 'wp-admin/admin-header.php' );
-
+
diff --git a/src/wp-includes/formatting.php b/src/wp-includes/formatting.php
index bbd3e4bffc..d860784356 100644
--- a/src/wp-includes/formatting.php
+++ b/src/wp-includes/formatting.php
@@ -3159,8 +3159,10 @@ function esc_url( $url, $protocols = null, $_context = 'display' ) {
if ( '' == $url )
return $url;
$url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%@$\|*\'()\\x80-\\xff]|i', '', $url);
- $strip = array('%0d', '%0a', '%0D', '%0A');
- $url = _deep_replace($strip, $url);
+ if ( 0 !== stripos( $url, 'mailto:' ) ) {
+ $strip = array('%0d', '%0a', '%0D', '%0A');
+ $url = _deep_replace($strip, $url);
+ }
$url = str_replace(';//', '://', $url);
/* If the URL doesn't appear to contain a scheme, we
* presume it needs http:// appended (unless a relative
diff --git a/tests/phpunit/tests/formatting/EscUrl.php b/tests/phpunit/tests/formatting/EscUrl.php
index 9b97a92df8..b4d05d3921 100644
--- a/tests/phpunit/tests/formatting/EscUrl.php
+++ b/tests/phpunit/tests/formatting/EscUrl.php
@@ -68,4 +68,32 @@ class Tests_Formatting_EscUrl extends WP_UnitTestCase {
function test_protocol_relative_with_colon() {
$this->assertEquals( '//example.com/foo?foo=abc:def', esc_url( '//example.com/foo?foo=abc:def' ) );
}
+
+ /**
+ * @ticket 31632
+ */
+ function test_mailto_with_newline() {
+ $body = <<assertEquals( 'mailto:?body=Hi%20there%2C%0A%0AI%20thought%20you%20might%20want%20to%20sign%20up%20for%20this%20newsletter', $email_link );
+ }
+ /**
+ * @ticket 31632
+ */
+ function test_mailto_in_http_url_with_newline() {
+ $body = <<assertEquals( 'http://example.com/mailto:?body=Hi%20there%2CI%20thought%20you%20might%20want%20to%20sign%20up%20for%20this%20newsletter', $email_link );
+ }
+
}