From 94a56f3bbfbc7bc26f7f496975adc5a4cc6370b7 Mon Sep 17 00:00:00 2001
From: Jon Cave
Date: Thu, 23 May 2013 17:45:59 +0000
Subject: [PATCH] Properly escape source parameter in audio/video shortcodes. See #23282.
git-svn-id: http://core.svn.wordpress.org/trunk@24334 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/media.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/wp-includes/media.php b/wp-includes/media.php
index 1cf047eead..d4a0df3bfc 100644
--- a/wp-includes/media.php
+++ b/wp-includes/media.php
@@ -861,7 +861,7 @@ function wp_audio_shortcode( $attr ) {
 if ( ! empty( $src ) ) {
 $type = wp_check_filetype( $src );
 if ( ! in_array( $type['ext'], $default_types ) )
- return sprintf( '%1$s', $src );
+ return sprintf( '%s', esc_url( $src ), esc_html( $src ) );
 $primary = true;
 array_unshift( $default_types, 'src' );
 } else {
@@ -907,7 +907,7 @@ function wp_audio_shortcode( $attr ) {
 if ( empty( $fileurl ) )
 $fileurl = $$fallback;
 $type = wp_check_filetype( $$fallback );
- $html .= sprintf( $source, $type['type'], $$fallback );
+ $html .= sprintf( $source, $type['type'], esc_url( $$fallback ) );
 }
 }
@@ -979,7 +979,7 @@ function wp_video_shortcode( $attr ) {
 if ( ! empty( $src ) ) {
 $type = wp_check_filetype( $src );
 if ( ! in_array( $type['ext'], $default_types ) )
- return sprintf( '%1$s', $src );
+ return sprintf( '%s', esc_url( $src ), esc_html( $src ) );
 $primary = true;
 array_unshift( $default_types, 'src' );
 } else {
@@ -1033,7 +1033,7 @@ function wp_video_shortcode( $attr ) {
 // m4v sometimes shows up as video/mpeg which collides with mp4
 if ( 'm4v' === $type['ext'] )
 $type['type'] = 'video/m4v';
- $html .= sprintf( $source, $type['type'], $$fallback );
+ $html .= sprintf( $source, $type['type'], esc_url( $$fallback ) );
 }
 }
 if ( 'mediaelement' === $library )
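Review bot: The escaped value on the added line at 907, and at the matching line in the 1033 hunk, is used unconditionally, yet esc_url() can return an empty string for a URL whose scheme it rejects, so the loop would still append a source element whose src attribute is empty instead of skipping the entry. Consider binding the result first and skipping empties, e.g. `$url = esc_url( $$fallback );` followed by `if ( '' === $url ) continue;` before the sprintf; the early returns in the 861 and 979 hunks have the same edge, where the anchor would carry an empty href next to the escaped text. The `$type['type']` value placed beside it is left unescaped, presumably because it comes from wp_check_filetype()'s extension-to-mime map rather than from the attribute, and a comment such as `// $type['type'] is derived by wp_check_filetype(), not taken from the shortcode attribute` would make that explicit to the next reader. The foreach over $default_types that encloses these lines begins outside the hunk.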
@@ -2634,4 +2634,4 @@ function img_html_to_post_id( $html, &$matched_html = null ) {
 $attachment_id = attachment_url_to_postid( $attr['src'] );
 return $attachment_id;
-}
\ No newline at end of file
+}