From 2763e74dd8f4f645c304917608a611c2da804b98 Mon Sep 17 00:00:00 2001 From: Andrew Nacin Date: Wed, 5 Dec 2012 18:57:56 +0000 Subject: [PATCH] Script loader: Chunk the script names as passed to load-scripts.php into 128-character pieces. Avoids hitting a limit for the length of a single variable, such as suhosin.get.max_value_length which defaults to 512. fixes #22757. git-svn-id: http://core.svn.wordpress.org/trunk@23074 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/load-scripts.php | 6 +++++- wp-includes/script-loader.php | 7 +++++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/wp-admin/load-scripts.php b/wp-admin/load-scripts.php index ba67be1f67..4d185ed536 100644 --- a/wp-admin/load-scripts.php +++ b/wp-admin/load-scripts.php @@ -114,7 +114,11 @@ function get_file($path) { return @file_get_contents($path); } -$load = preg_replace( '/[^a-z0-9,_-]+/i', '', $_GET['load'] ); +$load = $_GET['load']; +if ( is_array( $load ) ) + $load = implode( '', $load ); + +$load = preg_replace( '/[^a-z0-9,_-]+/i', '', $load ); $load = explode(',', $load); if ( empty($load) ) diff --git a/wp-includes/script-loader.php b/wp-includes/script-loader.php index bb83b3ecbe..efc71e60e4 100644 --- a/wp-includes/script-loader.php +++ b/wp-includes/script-loader.php @@ -689,7 +689,7 @@ function _print_scripts() { if ( $zip && defined('ENFORCE_GZIP') && ENFORCE_GZIP ) $zip = 'gzip'; - if ( !empty($wp_scripts->concat) ) { + if ( $concat = trim( $wp_scripts->concat, ', ' ) ) { if ( !empty($wp_scripts->print_code) ) { echo "\n\n"; } - $src = $wp_scripts->base_url . "/wp-admin/load-scripts.php?c={$zip}&load=" . trim($wp_scripts->concat, ', ') . '&ver=' . $wp_scripts->default_version; + $concat = str_split( $concat, 128 ); + $concat = 'load[]=' . implode( '&load[]=', $concat ); + + $src = $wp_scripts->base_url . "/wp-admin/load-scripts.php?c={$zip}&" . $concat . '&ver=' . $wp_scripts->default_version; echo "\n"; }