Coding Standards: Use strict comparison in wp-includes/kses.php.

Follow-up to [649], [2896], [3418], [8386], [20540], [47219], [54933].

Props aristath, poena, afercia, SergeyBiryukov.
See #58831.
Built from https://develop.svn.wordpress.org/trunk@56377


git-svn-id: http://core.svn.wordpress.org/trunk@55889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
Sergey Biryukov 2023-08-09 11:01:24 +00:00
parent 5341f9b212
commit ba52c45385
2 changed files with 24 additions and 10 deletions


@ -1088,16 +1088,20 @@ function wp_kses_split2( $content, $allowed_html, $allowed_protocols ) {
// Allow HTML comments. // Allow HTML comments.
if ( str_starts_with( $content, '<!--' ) ) { if ( str_starts_with( $content, '<!--' ) ) {
$content = str_replace( array( '<!--', '-->' ), '', $content ); $content = str_replace( array( '<!--', '-->' ), '', $content );
while ( ( $newstring = wp_kses( $content, $allowed_html, $allowed_protocols ) ) != $content ) {
while ( ( $newstring = wp_kses( $content, $allowed_html, $allowed_protocols ) ) !== $content ) {
$content = $newstring; $content = $newstring;
} }
if ( '' === $content ) { if ( '' === $content ) {
return ''; return '';
} }
// Prevent multiple dashes in comments. // Prevent multiple dashes in comments.
$content = preg_replace( '/--+/', '-', $content ); $content = preg_replace( '/--+/', '-', $content );
// Prevent three dashes closing a comment. // Prevent three dashes closing a comment.
$content = preg_replace( '/-$/', '', $content ); $content = preg_replace( '/-$/', '', $content );
return "<!--{$content}-->"; return "<!--{$content}-->";
} }
@ -1357,6 +1361,7 @@ function wp_kses_hair( $attr, $allowed_protocols ) {
if ( preg_match( '/^\s+/', $attr ) ) { // Valueless. if ( preg_match( '/^\s+/', $attr ) ) { // Valueless.
$working = 1; $working = 1;
$mode = 0; $mode = 0;
if ( false === array_key_exists( $attrname, $attrarr ) ) { if ( false === array_key_exists( $attrname, $attrarr ) ) {
$attrarr[ $attrname ] = array( $attrarr[ $attrname ] = array(
'name' => $attrname, 'name' => $attrname,
@ -1365,6 +1370,7 @@ function wp_kses_hair( $attr, $allowed_protocols ) {
'vless' => 'y', 'vless' => 'y',
); );
} }
$attr = preg_replace( '/^\s+/', '', $attr ); $attr = preg_replace( '/^\s+/', '', $attr );
} }
@ -1386,6 +1392,7 @@ function wp_kses_hair( $attr, $allowed_protocols ) {
'vless' => 'n', 'vless' => 'n',
); );
} }
$working = 1; $working = 1;
$mode = 0; $mode = 0;
$attr = preg_replace( '/^"[^"]*"(\s+|$)/', '', $attr ); $attr = preg_replace( '/^"[^"]*"(\s+|$)/', '', $attr );
@ -1407,6 +1414,7 @@ function wp_kses_hair( $attr, $allowed_protocols ) {
'vless' => 'n', 'vless' => 'n',
); );
} }
$working = 1; $working = 1;
$mode = 0; $mode = 0;
$attr = preg_replace( "/^'[^']*'(\s+|$)/", '', $attr ); $attr = preg_replace( "/^'[^']*'(\s+|$)/", '', $attr );
@ -1428,6 +1436,7 @@ function wp_kses_hair( $attr, $allowed_protocols ) {
'vless' => 'n', 'vless' => 'n',
); );
} }
// We add quotes to conform to W3C's HTML spec. // We add quotes to conform to W3C's HTML spec.
$working = 1; $working = 1;
$mode = 0; $mode = 0;
@ -1437,13 +1446,13 @@ function wp_kses_hair( $attr, $allowed_protocols ) {
break; break;
} // End switch. } // End switch.
if ( 0 == $working ) { // Not well-formed, remove and try again. if ( 0 === $working ) { // Not well-formed, remove and try again.
$attr = wp_kses_html_error( $attr ); $attr = wp_kses_html_error( $attr );
$mode = 0; $mode = 0;
} }
} // End while. } // End while.
if ( 1 == $mode && false === array_key_exists( $attrname, $attrarr ) ) { if ( 1 === $mode && false === array_key_exists( $attrname, $attrarr ) ) {
/* /*
* Special case, for when the attribute list ends with a valueless * Special case, for when the attribute list ends with a valueless
* attribute like "selected". * attribute like "selected".
@ -1707,9 +1716,9 @@ function wp_kses_bad_protocol( $content, $allowed_protocols ) {
do { do {
$original_content = $content; $original_content = $content;
$content = wp_kses_bad_protocol_once( $content, $allowed_protocols ); $content = wp_kses_bad_protocol_once( $content, $allowed_protocols );
} while ( $original_content != $content && ++$iterations < 6 ); } while ( $original_content !== $content && ++$iterations < 6 );
if ( $original_content != $content ) { if ( $original_content !== $content ) {
return ''; return '';
} }
@ -1974,6 +1983,7 @@ function wp_kses_normalize_entities2( $matches ) {
} }
$i = $matches[1]; $i = $matches[1];
if ( valid_unicode( $i ) ) { if ( valid_unicode( $i ) ) {
$i = str_pad( ltrim( $i, '0' ), 3, '0', STR_PAD_LEFT ); $i = str_pad( ltrim( $i, '0' ), 3, '0', STR_PAD_LEFT );
$i = "&#$i;"; $i = "&#$i;";
@ -2003,6 +2013,7 @@ function wp_kses_normalize_entities3( $matches ) {
} }
$hexchars = $matches[1]; $hexchars = $matches[1];
return ( ! valid_unicode( hexdec( $hexchars ) ) ) ? "&amp;#x$hexchars;" : '&#x' . ltrim( $hexchars, '0' ) . ';'; return ( ! valid_unicode( hexdec( $hexchars ) ) ) ? "&amp;#x$hexchars;" : '&#x' . ltrim( $hexchars, '0' ) . ';';
} }
@ -2015,10 +2026,13 @@ function wp_kses_normalize_entities3( $matches ) {
* @return bool Whether or not the codepoint is a valid Unicode codepoint. * @return bool Whether or not the codepoint is a valid Unicode codepoint.
*/ */
function valid_unicode( $i ) { function valid_unicode( $i ) {
return ( 0x9 == $i || 0xa == $i || 0xd == $i || $i = (int) $i;
( 0x20 <= $i && $i <= 0xd7ff ) ||
( 0xe000 <= $i && $i <= 0xfffd ) || return ( 0x9 === $i || 0xa === $i || 0xd === $i ||
( 0x10000 <= $i && $i <= 0x10ffff ) ); ( 0x20 <= $i && $i <= 0xd7ff ) ||
( 0xe000 <= $i && $i <= 0xfffd ) ||
( 0x10000 <= $i && $i <= 0x10ffff )
);
} }
/** /**
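Review bot: The new `$i = (int) $i;` at the top of `valid_unicode()` runs before any range check, and `wp_kses_normalize_entities3()` passes it the result of `hexdec()`, which returns a float once the value exceeds the platform integer range. PHP documents the result of casting an out-of-range float to int as undefined, so the strict comparisons that follow could see a value that no longer reflects the input, whereas the old loose comparisons compared the float directly and rejected it. Whether the entity patterns in the callers bound the digit count tightly enough to rule this out is not visible on this page; if they do not, a guard placed before the cast, such as `if ( $i > 0x10ffff ) { return false; }`, keeps the previous rejection. The docblock above the function starts outside the hunk and may want a sentence saying that `$i` is cast to int before it is checked.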


@ -16,7 +16,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '6.4-alpha-56376'; $wp_version = '6.4-alpha-56377';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.