Fotmatting: in `sanitize_file_name()`, escape `%` when uploads contain them, otherwise attachment URLs will unescape the char and break.

Adds unit tests.

Props mordauk, simonwheatley, dd32, solarissmoke.
Fixes #16226.

Built from https://develop.svn.wordpress.org/trunk@35122


git-svn-id: http://core.svn.wordpress.org/trunk@35087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Scott Taylor 2015-10-13 03:22:24 +00:00
parent ae0f01904f
commit d8e20fa273
2 changed files with 2 additions and 2 deletions

View File

@ -1368,7 +1368,7 @@ function remove_accents( $string ) {
*/
function sanitize_file_name( $filename ) {
$filename_raw = $filename;
$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", chr(0));
$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", "%", "+", chr(0));
/**
* Filter the list of characters to remove from a filename.
*

View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.4-alpha-35121';
$wp_version = '4.4-alpha-35122';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.