diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php index a328238f45..e2d8c95552 100644 --- a/wp-includes/formatting.php +++ b/wp-includes/formatting.php @@ -2077,17 +2077,15 @@ function _make_web_ftp_clickable_cb( $matches ) { $ret = ''; $dest = $matches[2]; $dest = 'http://' . $dest; + $dest = esc_url($dest); + if ( empty($dest) ) + return $matches[0]; // removed trailing [.,;:)] from URL if ( in_array( substr($dest, -1), array('.', ',', ';', ':', ')') ) === true ) { $ret = substr($dest, -1); $dest = substr($dest, 0, strlen($dest)-1); } - - $dest = esc_url($dest); - if ( empty($dest) ) - return $matches[0]; - return $matches[1] . "$dest$ret"; } @@ -3280,8 +3278,6 @@ function esc_sql( $data ) { * (the default behaviour) ampersands are also replaced. The 'clean_url' filter * is applied to the returned cleaned URL. * - * See RFC3986 - * * @since 2.8.0 * * @param string $url The URL to be cleaned. @@ -3297,7 +3293,7 @@ function esc_url( $url, $protocols = null, $_context = 'display' ) { return $url; $url = str_replace( ' ', '%20', $url ); - $url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%@$\|*\'()\[\]\\x80-\\xff]|i', '', $url); + $url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%@$\|*\'()\\x80-\\xff]|i', '', $url); if ( '' === $url ) { return $url; @@ -3310,7 +3306,7 @@ function esc_url( $url, $protocols = null, $_context = 'display' ) { $url = str_replace(';//', '://', $url); /* If the URL doesn't appear to contain a scheme, we - * presume it needs http:// prepended (unless a relative + * presume it needs http:// appended (unless a relative * link starting with /, # or ? or a php file). */ if ( strpos($url, ':') === false && ! in_array( $url[0], array( '/', '#', '?' ) ) && @@ -3324,43 +3320,6 @@ function esc_url( $url, $protocols = null, $_context = 'display' ) { $url = str_replace( "'", ''', $url ); } - if ( ( false !== strpos( $url, '[' ) ) || ( false !== strpos( $url, ']' ) ) ) { - - $parsed = parse_url( $url ); - $front = ''; - - if ( isset( $parsed['scheme'] ) ) { - $front .= $parsed['scheme'] . '://'; - } elseif ( '/' === $url[0] ) { - $front .= '//'; - } - - if ( isset( $parsed['user'] ) ) { - $front .= $parsed['user']; - } - - if ( isset( $parsed['pass'] ) ) { - $front .= ':' . $parsed['pass']; - } - - if ( isset( $parsed['user'] ) || isset( $parsed['pass'] ) ) { - $front .= '@'; - } - - if ( isset( $parsed['host'] ) ) { - $front .= $parsed['host']; - } - - if ( isset( $parsed['port'] ) ) { - $front .= ':' . $parsed['port']; - } - - $end_dirty = str_replace( $front, '', $url ); - $end_clean = str_replace( array( '[', ']' ), array( '%5B', '%5D' ), $end_dirty ); - $url = str_replace( $end_dirty, $end_clean, $url ); - - } - if ( '/' === $url[0] ) { $good_protocol_url = $url; } else { diff --git a/wp-includes/version.php b/wp-includes/version.php index 7c9a893c6f..014c6202b7 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.4-alpha-34674'; +$wp_version = '4.4-alpha-34675'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.