From f0e451a30ff8b1fb48fd53332c426002863e8304 Mon Sep 17 00:00:00 2001
From: Andrew Nacin <nacin@git.wordpress.org>
Date: Thu, 17 Jan 2013 15:07:32 +0000
Subject: [PATCH] Treat URL schemes as case insensitive when sanitizing them in
 esc_url().

props mdawaffe.
fixes #23187.
tests: [1184/tests]



git-svn-id: https://develop.svn.wordpress.org/trunk@23303 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-includes/formatting.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php
index b5ac55bdf7..6ba28c7b68 100644
--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@@ -2603,10 +2603,11 @@ function esc_url( $url, $protocols = null, $_context = 'display' ) {
 
 	if ( ! is_array( $protocols ) )
 		$protocols = wp_allowed_protocols();
-	if ( wp_kses_bad_protocol( $url, $protocols ) != $url )
+	$good_protocol_url = wp_kses_bad_protocol( $url, $protocols );
+	if ( strtolower( $good_protocol_url ) != strtolower( $url ) )
 		return '';
 
-	return apply_filters('clean_url', $url, $original_url, $_context);
+	return apply_filters('clean_url', $good_protocol_url, $original_url, $_context);
 }
 
 /**