sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Revert r34674 due to failures on PHP < 5.4.

Browse Source 
See #16859


git-svn-id: https://develop.svn.wordpress.org/trunk@34675 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
John Blackbourn 2015-09-29 01:00:17 +00:00
parent 2183725c54
commit f0200152be
2 changed files with 10 additions and 117 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
src/wp-includes/formatting.php
View File

@ -2077,17 +2077,15 @@ function _make_web_ftp_clickable_cb( $matches ) {
$ret = ''; $ret = '';
$dest = $matches[2]; $dest = $matches[2];
$dest = 'http://' . $dest; $dest = 'http://' . $dest;
$dest = esc_url($dest);
if ( empty($dest) )
return $matches[0];
// removed trailing [.,;:)] from URL // removed trailing [.,;:)] from URL
if ( in_array( substr($dest, -1), array('.', ',', ';', ':', ')') ) === true ) { if ( in_array( substr($dest, -1), array('.', ',', ';', ':', ')') ) === true ) {
$ret = substr($dest, -1); $ret = substr($dest, -1);
$dest = substr($dest, 0, strlen($dest)-1); $dest = substr($dest, 0, strlen($dest)-1);
} }
$dest = esc_url($dest);
if ( empty($dest) )
return $matches[0];
return $matches[1] . "<a href=\"$dest\" rel=\"nofollow\">$dest</a>$ret"; return $matches[1] . "<a href=\"$dest\" rel=\"nofollow\">$dest</a>$ret";
} }
@ -3280,8 +3278,6 @@ function esc_sql( $data ) {
* (the default behaviour) ampersands are also replaced. The 'clean_url' filter * (the default behaviour) ampersands are also replaced. The 'clean_url' filter
* is applied to the returned cleaned URL. * is applied to the returned cleaned URL.
* *
* See RFC3986
*
* @since 2.8.0 * @since 2.8.0
* *
* @param string $url The URL to be cleaned. * @param string $url The URL to be cleaned.
@ -3297,7 +3293,7 @@ function esc_url( $url, $protocols = null, $_context = 'display' ) {
return $url; return $url;
$url = str_replace( ' ', '%20', $url ); $url = str_replace( ' ', '%20', $url );
$url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%@$\|*\'()\[\]\\x80-\\xff]|i', '', $url); $url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%@$\|*\'()\\x80-\\xff]|i', '', $url);
if ( '' === $url ) { if ( '' === $url ) {
return $url; return $url;
@ -3310,7 +3306,7 @@ function esc_url( $url, $protocols = null, $_context = 'display' ) {
$url = str_replace(';//', '://', $url); $url = str_replace(';//', '://', $url);
/* If the URL doesn't appear to contain a scheme, we /* If the URL doesn't appear to contain a scheme, we
* presume it needs http:// prepended (unless a relative * presume it needs http:// appended (unless a relative
* link starting with /, # or ? or a php file). * link starting with /, # or ? or a php file).
*/ */
if ( strpos($url, ':') === false && ! in_array( $url[0], array( '/', '#', '?' ) ) && if ( strpos($url, ':') === false && ! in_array( $url[0], array( '/', '#', '?' ) ) &&
@ -3324,43 +3320,6 @@ function esc_url( $url, $protocols = null, $_context = 'display' ) {
$url = str_replace( "'", '&#039;', $url ); $url = str_replace( "'", '&#039;', $url );
} }
if ( ( false !== strpos( $url, '[' ) ) || ( false !== strpos( $url, ']' ) ) ) {
$parsed = parse_url( $url );
$front = '';
if ( isset( $parsed['scheme'] ) ) {
$front .= $parsed['scheme'] . '://';
} elseif ( '/' === $url[0] ) {
$front .= '//';
}
if ( isset( $parsed['user'] ) ) {
$front .= $parsed['user'];
}
if ( isset( $parsed['pass'] ) ) {
$front .= ':' . $parsed['pass'];
}
if ( isset( $parsed['user'] ) || isset( $parsed['pass'] ) ) {
$front .= '@';
}
if ( isset( $parsed['host'] ) ) {
$front .= $parsed['host'];
}
if ( isset( $parsed['port'] ) ) {
$front .= ':' . $parsed['port'];
}
$end_dirty = str_replace( $front, '', $url );
$end_clean = str_replace( array( '[', ']' ), array( '%5B', '%5D' ), $end_dirty );
$url = str_replace( $end_dirty, $end_clean, $url );
}
if ( '/' === $url[0] ) { if ( '/' === $url[0] ) {
$good_protocol_url = $url; $good_protocol_url = $url;
} else { } else {

76
tests/phpunit/tests/formatting/EscUrl.php
View File

@ -40,41 +40,15 @@ class Tests_Formatting_EscUrl extends WP_UnitTestCase {
} }
function test_all_url_parts() { function test_all_url_parts() {
$url = 'https://user:pass@host.example.com:1234/path;p=1?query=2&r[]=3#fragment'; $url = 'https://user:password@host.example.com:1234/path;p=1?q=2&r=3#fragment';
$this->assertEquals( $url, esc_url_raw( $url ) );
$this->assertEquals( array( $this->assertEquals( 'https://user:password@host.example.com:1234/path;p=1?q=2&#038;r=3#fragment', esc_url( $url ) );
'scheme' => 'https',
'host' => 'host.example.com',
'port' => 1234,
'user' => 'user',
'pass' => 'pass',
'path' => '/path;p=1',
'query' => 'query=2&r[]=3',
'fragment' => 'fragment',
), parse_url( $url ) );
$this->assertEquals( 'https://user:pass@host.example.com:1234/path;p=1?query=2&r%5B%5D=3#fragment', esc_url_raw( $url ) );
$this->assertEquals( 'https://user:pass@host.example.com:1234/path;p=1?query=2&#038;r%5B%5D=3#fragment', esc_url( $url ) );
}
function test_all_url_parts_ipv6() { $this->assertEquals( 'http://example.com?foo', esc_url( 'http://example.com?foo' ) );
$url = 'https://user:pass@[::FFFF::127.0.0.1]:1234/path;p=1?query=2&r[]=3#fragment';
$this->assertEquals( array(
'scheme' => 'https',
'host' => '[::FFFF::127.0.0.1]',
'port' => 1234,
'user' => 'user',
'pass' => 'pass',
'path' => '/path;p=1',
'query' => 'query=2&r[]=3',
'fragment' => 'fragment',
), parse_url( $url ) );
$this->assertEquals( 'https://user:pass@[::FFFF::127.0.0.1]:1234/path;p=1?query=2&r%5B%5D=3#fragment', esc_url_raw( $url ) );
$this->assertEquals( 'https://user:pass@[::FFFF::127.0.0.1]:1234/path;p=1?query=2&#038;r%5B%5D=3#fragment', esc_url( $url ) );
} }
function test_bare() { function test_bare() {
$this->assertEquals( 'http://example.com?foo', esc_url( 'example.com?foo' ) );
$this->assertEquals( 'http://example.com', esc_url( 'example.com' ) ); $this->assertEquals( 'http://example.com', esc_url( 'example.com' ) );
$this->assertEquals( 'http://localhost', esc_url( 'localhost' ) ); $this->assertEquals( 'http://localhost', esc_url( 'localhost' ) );
$this->assertEquals( 'http://example.com/foo', esc_url( 'example.com/foo' ) ); $this->assertEquals( 'http://example.com/foo', esc_url( 'example.com/foo' ) );
@ -151,46 +125,6 @@ class Tests_Formatting_EscUrl extends WP_UnitTestCase {
$this->assertEquals( 'feed:http://wordpress.org/feed/', esc_url( 'feed:http://wordpress.org/feed/' ) ); $this->assertEquals( 'feed:http://wordpress.org/feed/', esc_url( 'feed:http://wordpress.org/feed/' ) );
} }
/**
* @ticket 16859
*/
function test_square_brackets() {
$this->assertEquals( '/example.php?one%5B%5D=two', esc_url( '/example.php?one[]=two' ) );
$this->assertEquals( '?foo%5Bbar%5D=baz', esc_url( '?foo[bar]=baz' ) );
$this->assertEquals( '//example.com/?foo%5Bbar%5D=baz', esc_url( '//example.com/?foo[bar]=baz' ) );
$this->assertEquals( 'http://example.com/?foo%5Bbar%5D=baz', esc_url( 'example.com/?foo[bar]=baz' ) );
$this->assertEquals( 'http://localhost?foo%5Bbar%5D=baz', esc_url( 'localhost?foo[bar]=baz' ) );
$this->assertEquals( 'http://user:pass@localhost/?foo%5Bbar%5D=baz', esc_url( 'http://user:pass@localhost/?foo[bar]=baz' ) );
$this->assertEquals( 'http://localhost?foo%5Bbar%5D=baz', esc_url( 'localhost?foo[bar]=baz' ) );
$this->assertEquals( 'http://example.com/?foo%5Bbar%5D=baz', esc_url( 'http://example.com/?foo[bar]=baz' ) );
$this->assertEquals( 'http://example.com:1234/?foo%5Bbar%5D=baz', esc_url( 'http://example.com:1234/?foo[bar]=baz' ) );
$this->assertEquals( 'http://example.com/?foo%5Bbar%5D=baz', esc_url( 'http://example.com/?foo%5Bbar%5D=baz' ) );
$this->assertEquals( 'http://example.com/?baz=bar&#038;foo%5Bbar%5D=baz', esc_url( 'http://example.com/?baz=bar&foo[bar]=baz' ) );
$this->assertEquals( 'http://example.com/?baz=bar&#038;foo%5Bbar%5D=baz', esc_url( 'http://example.com/?baz=bar&#038;foo%5Bbar%5D=baz' ) );
}
/**
* @ticket 16859
*/
function test_ipv6_hosts() {
$this->assertEquals( '//[::127.0.0.1]', esc_url( '//[::127.0.0.1]' ) );
$this->assertEquals( 'http://[::FFFF::127.0.0.1]', esc_url( 'http://[::FFFF::127.0.0.1]' ) );
$this->assertEquals( 'http://[::127.0.0.1]', esc_url( 'http://[::127.0.0.1]' ) );
$this->assertEquals( 'http://[::DEAD:BEEF:DEAD:BEEF:DEAD:BEEF:DEAD:BEEF]', esc_url( 'http://[::DEAD:BEEF:DEAD:BEEF:DEAD:BEEF:DEAD:BEEF]' ) );
// IPv6 with square brackets in the query? Why not.
$this->assertEquals( '//[::FFFF::127.0.0.1]/?foo%5Bbar%5D=baz', esc_url( '//[::FFFF::127.0.0.1]/?foo[bar]=baz' ) );
$this->assertEquals( 'http://[::FFFF::127.0.0.1]/?foo%5Bbar%5D=baz', esc_url( 'http://[::FFFF::127.0.0.1]/?foo[bar]=baz' ) );
}
/**
* Courtesy of http://blog.lunatech.com/2009/02/03/what-every-web-developer-must-know-about-url-encoding
*/
function test_reserved_characters() {
$url = "http://example.com/:@-._~!$&'()*+,=;:@-._~!$&'()*+,=:@-._~!$&'()*+,==?/?:@-._~!$%27()*+,;=/?:@-._~!$%27()*+,;==#/?:@-._~!$&'()*+,;=";
$this->assertEquals( $url, esc_url_raw( $url ) );
}
/** /**
* @ticket 21974 * @ticket 21974
*/ */
@ -241,7 +175,7 @@ EOT;
* @ticket 28015 * @ticket 28015
*/ */
function test_invalid_charaters() { function test_invalid_charaters() {
$this->assertEmpty( esc_url_raw('"^<>{}`') ); $this->assertEmpty( esc_url_raw('"^[]<>{}`') );
} }
} }