From 68b418198573e88392c206bc9289b9f0978b62c2 Mon Sep 17 00:00:00 2001 From: Joe McGill Date: Sat, 5 Nov 2016 18:32:35 +0000 Subject: [PATCH] Customize: Remove Vimeo validation for external videos. Following [39128], this removes the validation logic for Vimeo URLs from `_validate_external_header_video()` since WP does not support the display of videos from Vimeo by default. This also includes a change to using `esc_url_raw()` instead of `esc_url()` on the URL value to avoid unexpected behavior from the inclusion of HTML entities. Props peterwilsoncc, westonruter. Fixes #38544. Built from https://develop.svn.wordpress.org/trunk@39148 git-svn-id: http://core.svn.wordpress.org/trunk@39088 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/class-wp-customize-manager.php | 7 +++---- wp-includes/version.php | 2 +- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/wp-includes/class-wp-customize-manager.php b/wp-includes/class-wp-customize-manager.php index 30581388d9..7b3235fc9a 100644 --- a/wp-includes/class-wp-customize-manager.php +++ b/wp-includes/class-wp-customize-manager.php @@ -3768,11 +3768,10 @@ final class WP_Customize_Manager { * @return mixed */ public function _validate_external_header_video( $validity, $value ) { - $video = esc_url( $value ); + $video = esc_url_raw( $value ); if ( $video ) { - if ( ! preg_match( '#^https?://(?:www\.)?(?:youtube\.com/watch|youtu\.be/)#', $video ) - && ! preg_match( '#^https?://(.+\.)?vimeo\.com/.*#', $video ) ) { - $validity->add( 'invalid_url', __( 'Please enter a valid YouTube or Vimeo video URL.' ) ); + if ( ! preg_match( '#^https?://(?:www\.)?(?:youtube\.com/watch|youtu\.be/)#', $video ) ) { + $validity->add( 'invalid_url', __( 'Please enter a valid YouTube URL.' ) ); } } return $validity; diff --git a/wp-includes/version.php b/wp-includes/version.php index deeb05cae1..371ebef8de 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.7-beta2-39147'; +$wp_version = '4.7-beta2-39148'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.