diff --git a/wp-admin/load-scripts.php b/wp-admin/load-scripts.php
index ba67be1f67..4d185ed536 100644
--- a/wp-admin/load-scripts.php
+++ b/wp-admin/load-scripts.php
@@ -114,7 +114,11 @@ function get_file($path) {
return @file_get_contents($path);
}
-$load = preg_replace( '/[^a-z0-9,_-]+/i', '', $_GET['load'] );
+$load = $_GET['load'];
+if ( is_array( $load ) )
+ $load = implode( '', $load );
+
+$load = preg_replace( '/[^a-z0-9,_-]+/i', '', $load );
$load = explode(',', $load);
if ( empty($load) )
diff --git a/wp-includes/script-loader.php b/wp-includes/script-loader.php
index bb83b3ecbe..efc71e60e4 100644
--- a/wp-includes/script-loader.php
+++ b/wp-includes/script-loader.php
@@ -689,7 +689,7 @@ function _print_scripts() {
if ( $zip && defined('ENFORCE_GZIP') && ENFORCE_GZIP )
$zip = 'gzip';
- if ( !empty($wp_scripts->concat) ) {
+ if ( $concat = trim( $wp_scripts->concat, ', ' ) ) {
if ( !empty($wp_scripts->print_code) ) {
echo "\n\n";
}
- $src = $wp_scripts->base_url . "/wp-admin/load-scripts.php?c={$zip}&load=" . trim($wp_scripts->concat, ', ') . '&ver=' . $wp_scripts->default_version;
+ $concat = str_split( $concat, 128 );
+ $concat = 'load[]=' . implode( '&load[]=', $concat );
+
+ $src = $wp_scripts->base_url . "/wp-admin/load-scripts.php?c={$zip}&" . $concat . '&ver=' . $wp_scripts->default_version;
echo "\n";
}