[wp-trac] [WordPress Trac] #24663: esc_url_raw() strips out square brackets in URLs
WordPress Trac
noreply at wordpress.org
Sun Jun 30 12:36:47 UTC 2013
#24663: esc_url_raw() strips out square brackets in URLs
--------------------------+-----------------------------
Reporter: thomaswm | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: HTTP | Version: 3.5.2
Severity: normal | Keywords:
--------------------------+-----------------------------
Hi,
if you try to request a URL through wp_remote_fopen(), since WP v 3.5.2,
it is validated by wp_http_validate_url() which passes it on to
esc_url_raw().
We use the ICS Calendar plugin on our blog. It tries to request URLs of
the form
{{{
http://$domain/events/ical?gid[]=34
}}}
via wp_remote_fopen() but esc_url_raw() strips out the square brackets. So
WP requests
{{{
http://$domain/events/ical?gid=34
}}}
instead. I have verified that this problem is caused by esc_url_raw() by
uncommenting the line
{{{
$url = esc_url_raw( $url, array( 'http', 'https' ) );
}}}
in wp-includes/http.php
Greets,
Thomas
--
Ticket URL: <http://core.trac.wordpress.org/ticket/24663>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list