WordPress-C/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2025-02-16 11:35:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Media: Replace consecutive periods in sanitize_file_name().

Browse Source 
On some servers, consecutive periods in a filename can cause a 403 Forbidden response.
This changeset replaces consecutive periods with a single period, and adds related unit tests.

Props ArtZ91, costdev, SergeyBiryukov, arthurshlain, mukesh27.
Fixes #57242.

Built from https://develop.svn.wordpress.org/trunk@55209


git-svn-id: http://core.svn.wordpress.org/trunk@54742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
audrasjb 2023-02-03 12:48:23 +00:00
parent 39aa80cb87
commit 965fe8f209
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
wp-includes/formatting.php
View File

@ -2047,6 +2047,7 @@ function sanitize_file_name( $filename ) {
$filename = str_replace( $special_chars, '', $filename ); $filename = str_replace( $special_chars, '', $filename );
$filename = str_replace( array( '%20', '+' ), '-', $filename ); $filename = str_replace( array( '%20', '+' ), '-', $filename );
$filename = preg_replace( '/\.{2,}/', '.', $filename );
$filename = preg_replace( '/[\r\n\t -]+/', '-', $filename ); $filename = preg_replace( '/[\r\n\t -]+/', '-', $filename );
$filename = trim( $filename, '.-_' ); $filename = trim( $filename, '.-_' );

2
wp-includes/version.php
View File

@ -16,7 +16,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '6.2-alpha-55208'; $wp_version = '6.2-alpha-55209';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.