WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Strip "onclick" when previewing themes, props DD32, fixes #7303 

git-svn-id: http://svn.automattic.com/wordpress/trunk@9707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
azaozz 2008-11-15 02:20:26 +00:00
parent 091d203fba
commit 9050fd4a5a
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-includes/theme.php
View File

@ -892,6 +892,8 @@ function preview_theme_ob_filter( $content ) {
* @return string * @return string
*/ */
function preview_theme_ob_filter_callback( $matches ) { function preview_theme_ob_filter_callback( $matches ) {
if ( strpos($matches[4], 'onclick') !== false )
$matches[4] = preg_replace('#onclick=([\'"]).*?(?<!\\\)\\1#i', '', $matches[4]); //Strip out any onclicks from rest of <a>. (?<!\\\) means to ignore the '" if its escaped by \ to prevent breaking mid-attribute.
if ( if (
( false !== strpos($matches[3], '/wp-admin/') ) ( false !== strpos($matches[3], '/wp-admin/') )
|| ||