diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 07:57:26 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 07:57:26 +0000 |
| commit | 30883c26bdceb9eaf32c8d4a1b0c1bce223b5226 (patch) | |
| tree | 39a02e2aeb21ab5b7923c6f5757d66d55b708912 /wp-admin/includes/user.php | |
| parent | Adding upstream version 6.4.3+dfsg1. (diff) | |
| download | wordpress-30883c26bdceb9eaf32c8d4a1b0c1bce223b5226.tar.xz wordpress-30883c26bdceb9eaf32c8d4a1b0c1bce223b5226.zip | |
Adding upstream version 6.5+dfsg1.upstream/6.5+dfsg1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'wp-admin/includes/user.php')
| -rw-r--r-- | wp-admin/includes/user.php | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/wp-admin/includes/user.php b/wp-admin/includes/user.php index 423c13a..abed2d2 100644 --- a/wp-admin/includes/user.php +++ b/wp-admin/includes/user.php @@ -638,7 +638,7 @@ Please click the following link to activate your user account: * * @since 5.6.0 * @since 6.2.0 Allow insecure HTTP connections for the local environment. - * @since 6.3.2 Validates the success and reject URLs to prevent javascript pseudo protocol being executed. + * @since 6.3.2 Validates the success and reject URLs to prevent `javascript` pseudo protocol from being executed. * * @param array $request { * The array of request data. All arguments are optional and may be empty. @@ -700,12 +700,11 @@ function wp_is_authorize_application_password_request_valid( $request, $user ) { } /** - * Validates the redirect URL protocol scheme. The protocol can be anything except http and javascript. + * Validates the redirect URL protocol scheme. The protocol can be anything except `http` and `javascript`. * * @since 6.3.2 * - * @param string $url - The redirect URL to be validated. - * + * @param string $url The redirect URL to be validated. * @return true|WP_Error True if the redirect URL is valid, a WP_Error object otherwise. */ function wp_is_authorize_application_redirect_url_valid( $url ) { @@ -728,16 +727,17 @@ function wp_is_authorize_application_redirect_url_valid( $url ) { * * @since 6.3.2 * - * @param string[] $bad_protocols Array of invalid protocols. - * @param string $url The redirect URL to be validated. + * @param string[] $bad_protocols Array of invalid protocols. + * @param string $url The redirect URL to be validated. */ - $invalid_protocols = array_map( 'strtolower', apply_filters( 'wp_authorize_application_redirect_url_invalid_protocols', $bad_protocols, $url ) ); + $invalid_protocols = apply_filters( 'wp_authorize_application_redirect_url_invalid_protocols', $bad_protocols, $url ); + $invalid_protocols = array_map( 'strtolower', $invalid_protocols ); $scheme = wp_parse_url( $url, PHP_URL_SCHEME ); $host = wp_parse_url( $url, PHP_URL_HOST ); $is_local = 'local' === wp_get_environment_type(); - // validates if the proper URI format is applied to the $url + // Validates if the proper URI format is applied to the URL. if ( empty( $host ) || empty( $scheme ) || in_array( strtolower( $scheme ), $invalid_protocols, true ) ) { return new WP_Error( 'invalid_redirect_url_format', |