[wp-trac] [WordPress Trac] #28015: esc_url_raw (esc_url) throw "Uninitialized string offset: 0" with invalid chars
WordPress Trac
noreply at wordpress.org
Thu Apr 24 18:42:12 UTC 2014
#28015: esc_url_raw (esc_url) throw "Uninitialized string offset: 0" with invalid
chars
--------------------------+-----------------------------
Reporter: mmems | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Formatting | Version: 3.9
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
{{{
esc_url_raw('"^[]<>{}`');
}}}
Will throw "Uninitialized string offset: 0" because the length of
resulting string (after filtering all invalid chars) is not tested before
check if it's a relative URL
{{{
if ( strpos($url, ':') === false && ! in_array( $url[0], array( '/', '#',
'?' ) ) ...
-----------------------------------------------------^
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/28015>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list