From 80a20e5c3d0dd4b10d36314a5e852598a2b5034d Mon Sep 17 00:00:00 2001 From: Scott Taylor Date: Thu, 3 Sep 2015 23:23:24 +0000 Subject: [PATCH] Handle more cases (`untrailingslashit`, HTTPS urls) for sanitizing an author URL for display in the comments list table. Props afercia, mehulkaklotar, swissspidy, johnbillion. Fixes #33291. Built from https://develop.svn.wordpress.org/trunk@33894 git-svn-id: http://core.svn.wordpress.org/trunk@33863 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/includes/class-wp-comments-list-table.php | 10 +++------- wp-includes/version.php | 2 +- 2 files changed, 4 insertions(+), 8 deletions(-) diff --git a/wp-admin/includes/class-wp-comments-list-table.php b/wp-admin/includes/class-wp-comments-list-table.php index 0d2d16eb8a..a2120a9e64 100644 --- a/wp-admin/includes/class-wp-comments-list-table.php +++ b/wp-admin/includes/class-wp-comments-list-table.php @@ -636,19 +636,15 @@ class WP_Comments_List_Table extends WP_List_Table { global $comment_status; $author_url = get_comment_author_url( $comment->comment_ID ); - if ( 'http://' == $author_url ) { - $author_url = ''; - } - $author_url_display = preg_replace( '|http://(www\.)?|i', '', $author_url ); + $author_url_display = untrailingslashit( preg_replace( '|^http(s)?://(www\.)?|i', '', $author_url ) ); if ( strlen( $author_url_display ) > 50 ) { $author_url_display = wp_html_excerpt( $author_url_display, 49, '…' ); } - echo ""; comment_author( $comment->comment_ID ); echo '
'; - if ( !empty( $author_url ) ) { - echo "$author_url_display
"; + if ( ! empty( $author_url_display ) ) { + printf( '%s
', esc_url( $author_url ), esc_html( $author_url_display ) ); } if ( $this->user_can ) { diff --git a/wp-includes/version.php b/wp-includes/version.php index 1451349fe4..b30bac5d96 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.4-alpha-33893'; +$wp_version = '4.4-alpha-33894'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.