In wp_http_validate_url(), only validate the protocol in lieu of esc_url_raw(). Ensure there is a host component to the URL. fixes #24663.
git-svn-id: http://core.svn.wordpress.org/trunk@24641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
d18388712c
commit
ca64e771da
|
@ -339,12 +339,12 @@ function send_origin_headers() {
|
||||||
* @return mixed URL or false on failure.
|
* @return mixed URL or false on failure.
|
||||||
*/
|
*/
|
||||||
function wp_http_validate_url( $url ) {
|
function wp_http_validate_url( $url ) {
|
||||||
$url = esc_url_raw( $url, array( 'http', 'https' ) );
|
$url = wp_kses_bad_protocol( $url, array( 'http', 'https' ) );
|
||||||
if ( ! $url )
|
if ( ! $url )
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
$parsed_url = @parse_url( $url );
|
$parsed_url = @parse_url( $url );
|
||||||
if ( ! $parsed_url )
|
if ( ! $parsed_url || empty( $parsed_url['host'] ) )
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
if ( isset( $parsed_url['user'] ) || isset( $parsed_url['pass'] ) )
|
if ( isset( $parsed_url['user'] ) || isset( $parsed_url['pass'] ) )
|
||||||
|
|
Loading…
Reference in New Issue