Fotmatting: in sanitize_file_name(), escape % when uploads contain them, otherwise attachment URLs will unescape the char and break.

Adds unit tests. Props mordauk, simonwheatley, dd32, solarissmoke. Fixes #16226. Built from https://develop.svn.wordpress.org/trunk@35122 git-svn-id: http://core.svn.wordpress.org/trunk@35087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-06-25 22:35:02 +02:00 · 2015-10-13 03:22:24 +00:00 · 2015-10-13 03:22:24 +00:00 · d8e20fa273
commit d8e20fa273
parent ae0f01904f
2 changed files with 2 additions and 2 deletions
--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@ -1368,7 +1368,7 @@ function remove_accents( $string ) {
 */
 function sanitize_file_name( $filename ) {
 	$filename_raw = $filename;
-	$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", chr(0));
+	$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", "%", "+", chr(0));
 	/**
 	 * Filter the list of characters to remove from a filename.
 	 *
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@ -4,7 +4,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '4.4-alpha-35121';
+$wp_version = '4.4-alpha-35122';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.