diff options
| author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2007-01-04 13:20:38 +0000 |
|---|---|---|
| committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2007-01-04 13:20:38 +0000 |
| commit | 861bd9122e6d9ee710df2b6fc0a1222a8a8965cf (patch) | |
| tree | da5020f0e73f0f0ee5f8466250ce041fe22a53d0 /wp-includes/formatting.php | |
| parent | d71327104baa1c83106f008a3ed11aee70edc50d (diff) | |
| download | wordpress-mu-861bd9122e6d9ee710df2b6fc0a1222a8a8965cf.tar.gz wordpress-mu-861bd9122e6d9ee710df2b6fc0a1222a8a8965cf.tar.xz wordpress-mu-861bd9122e6d9ee710df2b6fc0a1222a8a8965cf.zip | |
WP Merge to 4674
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@830 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-includes/formatting.php')
| -rw-r--r-- | wp-includes/formatting.php | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php index 963992d..d1ec74c 100644 --- a/wp-includes/formatting.php +++ b/wp-includes/formatting.php @@ -1067,7 +1067,7 @@ function wp_richedit_pre($text) { return apply_filters('richedit_pre', $output); } -function clean_url( $url ) { +function clean_url( $url, $protocols = null ) { if ('' == $url) return $url; $url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%]|i', '', $url); $strip = array('%0d', '%0a'); @@ -1075,6 +1075,10 @@ function clean_url( $url ) { $url = str_replace(';//', '://', $url); $url = (!strstr($url, '://')) ? 'http://'.$url : $url; $url = preg_replace('/&([^#])(?![a-z]{2,8};)/', '&$1', $url); + if ( !is_array($protocols) ) + $protocols = array('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet'); + if ( wp_kses_bad_protocol( $url, $protocols ) != $url ) + return ''; return $url; } |