vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2025-10-16 12:05:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

In wp_http_validate_url(), only validate the protocol in lieu of esc_url_raw(). Ensure there is a host component to the URL. fixes #24663.

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@24641 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Andrew Nacin 2013-07-10 13:35:30 +00:00
parent 707fe97ed8
commit d4b1d1bb2a
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
wp-includes/http.php
View File

@ -339,12 +339,12 @@ function send_origin_headers() {
* @return mixed URL or false on failure.
*/
function wp_http_validate_url( $url ) {
$url = esc_url_raw( $url, array( 'http', 'https' ) );
$url = wp_kses_bad_protocol( $url, array( 'http', 'https' ) );
if ( ! $url )
return false;
$parsed_url = @parse_url( $url );
if ( ! $parsed_url )
if ( ! $parsed_url || empty( $parsed_url['host'] ) )
return false;
if ( isset( $parsed_url['user'] ) || isset( $parsed_url['pass'] ) )