diff -r -U2 wordpress.orig/wp-includes/formatting.php wordpress/wp-includes/formatting.php
--- wordpress.orig/wp-includes/formatting.php 2009-11-11 17:10:13.000000000 -0600
+++ wordpress/wp-includes/formatting.php 2011-01-11 10:34:13.970920002 -0600
@@ -2092,6 +2092,7 @@
// Replace ampersands and single quotes only when displaying.
if ( 'display' == $context ) {
- $url = preg_replace('/&([^#])(?![a-z]{2,8};)/', '&$1', $url);
- $url = str_replace( "'", ''', $url );
+ $url = wp_kses_normalize_entities( $url );
+ $url = str_replace( '&', '&', $url );
+ $url = str_replace( "'", ''', $url );
}
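Review bot: As rendered, `$url = str_replace( '&', '&', $url );` replaces a string with itself, and the quote replacement on the next line likewise shows a bare apostrophe as its replacement; the HTML entities in these literals appear to have been decoded by the page, so the real search/replace strings (presumably the `&amp;` form and numeric entities) must be checked against the source rather than this rendering. The call to wp_kses_normalize_entities() now runs before both replacements, which is what lets them assume a single canonical entity form; that ordering deserves a comment, e.g. `// Normalize entities first so the ampersand and quote replacements below see one canonical form.` It also makes this display-context branch depend on kses.php being loaded, which is worth confirming for every load path that reaches it. The enclosing function starts and ends outside the hunk.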
diff -r -U2 wordpress.orig/wp-includes/kses.php wordpress/wp-includes/kses.php
--- wordpress.orig/wp-includes/kses.php 2009-07-08 04:53:22.000000000 -0500
+++ wordpress/wp-includes/kses.php 2011-01-11 10:47:04.468920001 -0600
@@ -534,5 +534,5 @@
}
- if ( $arreach['name'] == 'style' ) {
+ if ( strtolower($arreach['name']) == 'style' ) {
$orig_value = $arreach['value'];
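Review bot: `strtolower($arreach['name']) == 'style'` still uses loose comparison; both operands are strings here, so `===` costs nothing and removes any doubt about PHP's numeric-string coercion: `if ( strtolower($arreach['name']) === 'style' ) {`. The three later hunks lowercase `$attrname` inline for a different check, so case normalization is now scattered over four sites; if `$arreach['name']` and `$attrname` come from the same parsed attribute (not visible here), lowercasing once at parse time would keep every comparison consistent. The enclosing function starts and ends outside the hunk.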
@@ -626,5 +626,5 @@
{
$thisval = $match[1];
- if ( in_array($attrname, $uris) )
+ if ( in_array(strtolower($attrname), $uris) )
$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
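Review bot: `in_array(strtolower($attrname), $uris)` is a loose membership test; pass the third argument so the lookup is by identity, `if ( in_array(strtolower($attrname), $uris, true) )`. The identical line appears in the two following hunks (`@@ -642` and `@@ -658`), which should receive the same change. `$uris` is not visible in the hunk, so it is assumed to hold lowercase attribute names; if any entry is mixed-case, lowercasing only the left side would make that entry fail closed, which is worth a one-line comment where `$uris` is defined. The enclosing function starts and ends outside the hunk.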
@@ -642,5 +642,5 @@
{
$thisval = $match[1];
- if ( in_array($attrname, $uris) )
+ if ( in_array(strtolower($attrname), $uris) )
$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
@@ -658,5 +658,5 @@
{
$thisval = $match[1];
- if ( in_array($attrname, $uris) )
+ if ( in_array(strtolower($attrname), $uris) )
$thisval = wp_kses_bad_protocol($thisval, $allowed_protocols);
@@ -882,12 +882,7 @@
*/
function wp_kses_bad_protocol_once($string, $allowed_protocols) {
- global $_kses_allowed_protocols;
- $_kses_allowed_protocols = $allowed_protocols;
-
- $string2 = preg_split('/:|:|:/i', $string, 2);
- if ( isset($string2[1]) && !preg_match('%/\?%', $string2[0]) )
- $string = wp_kses_bad_protocol_once2($string2[0]) . trim($string2[1]);
- else
- $string = preg_replace_callback('/^((&[^;]*;|[\sA-Za-z0-9])*)'.'(:|:|&#[Xx]3[Aa];)\s*/', 'wp_kses_bad_protocol_once2', $string);
+ $string2 = preg_split( '/:|�*58;|�*3a;/i', $string, 2 );
+ if ( isset($string2[1]) && ! preg_match('%/\?%', $string2[0]) )
+ $string = wp_kses_bad_protocol_once2( $string2[0], $allowed_protocols ) . trim( $string2[1] );
return $string;
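Review bot: `preg_split( ... )` on the new first line returns `false` on a PCRE error, and because `isset($string2[1])` is then false the function falls through to `return $string;` with the untrusted value unchecked — a fail-open path that the removed callback branch did not have. Treat a failed split as a rejection, e.g. `if ( false === $string2 ) return '';` placed before the `isset` test. The split pattern as rendered on that line contains replacement characters (`�*58;`), so the page does not show the literal pattern; it has to be verified against the source that it covers the decimal, hex and leading-zero entity spellings that the removed `(:|:|&#[Xx]3[Aa];)` alternative handled (the `i` modifier is visible, so letter case should be covered). The function's docblock opens above the hunk.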
@@ -903,19 +898,9 @@
* @since 1.0.0
*
- * @param mixed $matches string or preg_replace_callback() matches array to check for bad protocols
+ * @param string $string URI scheme to check against the whitelist
+ * @param string $allowed_protocols Allowed protocols
* @return string Sanitized content
*/
-function wp_kses_bad_protocol_once2($matches) {
- global $_kses_allowed_protocols;
-
- if ( is_array($matches) ) {
- if ( ! isset($matches[1]) || empty($matches[1]) )
- return '';
-
- $string = $matches[1];
- } else {
- $string = $matches;
- }
-
+function wp_kses_bad_protocol_once2( $string, $allowed_protocols ) {
$string2 = wp_kses_decode_entities($string);
$string2 = preg_replace('/\s/', '', $string2);
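Review bot: `wp_kses_bad_protocol_once2( $string, $allowed_protocols )` drops the array-accepting form and the global, so a caller that still passes a `preg_replace_callback()` matches array or a single argument will now fail at the call or misbehave; the one in-tree caller visible in this diff is updated, but any other file or plugin using the old callback form (not visible here) would need the same change. The new `@param string $string` docblock calls the value a "URI scheme", yet what the caller passes is everything before the first colon, which is exactly why the body still decodes entities and strips whitespace; say so, e.g. `@param string $string Text before the first (possibly entity-encoded) colon; decoded and whitespace-stripped before the whitelist check`. The removed `empty($matches[1])` early return means an empty scheme now reaches the decode/compare path; whether that still yields an empty result depends on the code below the hunk. The function body continues past the hunk.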
@@ -926,6 +911,6 @@
$allowed = false;
- foreach ( (array) $_kses_allowed_protocols as $one_protocol)
- if (strtolower($one_protocol) == $string2) {
+ foreach ( (array) $allowed_protocols as $one_protocol )
+ if ( strtolower($one_protocol) == $string2 ) {
$allowed = true;
break;
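Review bot: `strtolower($one_protocol) == $string2` is a loose comparison between a whitelist entry and attacker-controlled text; `===` is the safer and equally cheap form, `if ( strtolower($one_protocol) === $string2 ) {`. The comparison only works if `$string2` has itself been lowercased between the entity decoding shown in the preceding hunk and this loop; that step is outside the hunk, so it should be confirmed, and a short comment above the loop stating that both sides are lowercase would make the intent explicit. The function's return value is produced outside the hunk.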