mirror of
https://github.com/WordPress/WordPress.git
synced 2024-09-29 07:37:44 +02:00
Improve kses handling of attributes in valid XHTML self closed img tags. Fixes #12394 props dougal.
git-svn-id: http://svn.automattic.com/wordpress/trunk@13561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
73a11f4d4e
commit
3775882493
@ -538,7 +538,7 @@ function wp_kses_attr($element, $attr, $allowed_html, $allowed_protocols) {
|
|||||||
# Is there a closing XHTML slash at the end of the attributes?
|
# Is there a closing XHTML slash at the end of the attributes?
|
||||||
|
|
||||||
$xhtml_slash = '';
|
$xhtml_slash = '';
|
||||||
if (preg_match('%\s/\s*$%', $attr))
|
if (preg_match('%\s*/\s*$%', $attr))
|
||||||
$xhtml_slash = ' /';
|
$xhtml_slash = ' /';
|
||||||
|
|
||||||
# Are any attributes allowed at all for this element?
|
# Are any attributes allowed at all for this element?
|
||||||
@ -664,7 +664,7 @@ function wp_kses_hair($attr, $allowed_protocols) {
|
|||||||
|
|
||||||
case 2 : # attribute value, a URL after href= for instance
|
case 2 : # attribute value, a URL after href= for instance
|
||||||
|
|
||||||
if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match))
|
if (preg_match('%^"([^"]*)"(\s+|/?$)%', $attr, $match))
|
||||||
# "value"
|
# "value"
|
||||||
{
|
{
|
||||||
$thisval = $match[1];
|
$thisval = $match[1];
|
||||||
@ -680,7 +680,7 @@ function wp_kses_hair($attr, $allowed_protocols) {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match))
|
if (preg_match("%^'([^']*)'(\s+|/?$)%", $attr, $match))
|
||||||
# 'value'
|
# 'value'
|
||||||
{
|
{
|
||||||
$thisval = $match[1];
|
$thisval = $match[1];
|
||||||
@ -696,7 +696,7 @@ function wp_kses_hair($attr, $allowed_protocols) {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match))
|
if (preg_match("%^([^\s\"']+)(\s+|/?$)%", $attr, $match))
|
||||||
# value
|
# value
|
||||||
{
|
{
|
||||||
$thisval = $match[1];
|
$thisval = $match[1];
|
||||||
|
Loading…
Reference in New Issue
Block a user