[wp-trac] [WordPress Trac] #28015: esc_url_raw (esc_url) throw "Uninitialized string offset: 0" with invalid chars
WordPress Trac
noreply at wordpress.org
Tue Apr 29 14:48:41 UTC 2014
#28015: esc_url_raw (esc_url) throw "Uninitialized string offset: 0" with invalid
chars
--------------------------+------------------------------
Reporter: mmems | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Formatting | Version: 3.3
Severity: normal | Resolution:
Keywords: | Focuses:
--------------------------+------------------------------
Comment (by mmems):
The error disappear now, but:
{{{
esc_url_raw('"^[]<>{}`');
// now returns: "http://"
}}}
Maybe the emptiness test should be after chars filtering :
{{{
$url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%@$\|*\'()\\x80-\\xff]|i', '',
$url);
$strip = array('%0d', '%0a', '%0D', '%0A');
$url = _deep_replace($strip, $url);
$url = str_replace(';//', '://', $url);
if ( '' == $url )
return $url;
}}}
Instead of:
{{{
if ( '' == $url )
return $url;
$url = preg_replace('|[^a-z0-9-~+_.?#=!&;,/:%@$\|*\'()\\x80-\\xff]|i', '',
$url);
$strip = array('%0d', '%0a', '%0D', '%0A');
$url = _deep_replace($strip, $url);
$url = str_replace(';//', '://', $url);
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/28015#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list