From 010a30cf09dc939db2ba4b9f87a22887ede3541d Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Tue, 12 Mar 2019 22:21:23 +0000 Subject: [PATCH] Formatting: Improve `rel="nofollow"` handling in comments. Merges [44833] to the 4.8 branch. Built from https://develop.svn.wordpress.org/branches/4.8@44837 git-svn-id: http://core.svn.wordpress.org/branches/4.8@44669 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/formatting.php | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php index 2a88509fca..8c2c134d9e 100644 --- a/wp-includes/formatting.php +++ b/wp-includes/formatting.php @@ -2734,10 +2734,12 @@ function wp_rel_nofollow_callback( $matches ) { $atts = shortcode_parse_atts( $matches[1] ); $rel = 'nofollow'; - if ( preg_match( '%href=["\'](' . preg_quote( set_url_scheme( home_url(), 'http' ) ) . ')%i', $text ) || - preg_match( '%href=["\'](' . preg_quote( set_url_scheme( home_url(), 'https' ) ) . ')%i', $text ) - ) { - return ""; + if ( ! empty( $atts['href'] ) ) { + if ( in_array( strtolower( wp_parse_url( $atts['href'], PHP_URL_SCHEME ) ), array( 'http', 'https' ), true ) ) { + if ( strtolower( wp_parse_url( $atts['href'], PHP_URL_HOST ) ) === strtolower( wp_parse_url( home_url(), PHP_URL_HOST ) ) ) { + return ""; + } + } } if ( ! empty( $atts['rel'] ) ) { @@ -2750,11 +2752,11 @@ function wp_rel_nofollow_callback( $matches ) { $html = ''; foreach ( $atts as $name => $value ) { - $html .= "{$name}=\"$value\" "; + $html .= "{$name}=\"" . esc_attr( $value ) . "\" "; } $text = trim( $html ); } - return ""; + return ""; } /**