From a3c0162465ae33dada4f7ea3f36a8175fbb0c728 Mon Sep 17 00:00:00 2001 From: Sergey Biryukov Date: Tue, 12 Mar 2019 22:22:24 +0000 Subject: [PATCH] Formatting: Improve `rel="nofollow"` handling in comments. Merges [44833] to the 4.7 branch. Built from https://develop.svn.wordpress.org/branches/4.7@44838 git-svn-id: http://core.svn.wordpress.org/branches/4.7@44670 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/formatting.php | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/wp-includes/formatting.php b/wp-includes/formatting.php index 7b6900e8bf..11cecf7330 100644 --- a/wp-includes/formatting.php +++ b/wp-includes/formatting.php @@ -2733,10 +2733,12 @@ function wp_rel_nofollow_callback( $matches ) { $atts = shortcode_parse_atts( $matches[1] ); $rel = 'nofollow'; - if ( preg_match( '%href=["\'](' . preg_quote( set_url_scheme( home_url(), 'http' ) ) . ')%i', $text ) || - preg_match( '%href=["\'](' . preg_quote( set_url_scheme( home_url(), 'https' ) ) . ')%i', $text ) - ) { - return ""; + if ( ! empty( $atts['href'] ) ) { + if ( in_array( strtolower( wp_parse_url( $atts['href'], PHP_URL_SCHEME ) ), array( 'http', 'https' ), true ) ) { + if ( strtolower( wp_parse_url( $atts['href'], PHP_URL_HOST ) ) === strtolower( wp_parse_url( home_url(), PHP_URL_HOST ) ) ) { + return ""; + } + } } if ( ! empty( $atts['rel'] ) ) { @@ -2749,11 +2751,11 @@ function wp_rel_nofollow_callback( $matches ) { $html = ''; foreach ( $atts as $name => $value ) { - $html .= "{$name}=\"$value\" "; + $html .= "{$name}=\"" . esc_attr( $value ) . "\" "; } $text = trim( $html ); } - return ""; + return ""; } /**