diff --git a/core/includes/bootstrap.inc b/core/includes/bootstrap.inc index 808fbb7..27aa4da 100644 --- a/core/includes/bootstrap.inc +++ b/core/includes/bootstrap.inc @@ -6,7 +6,7 @@ use Drupal\Component\Utility\String; use Drupal\Component\Utility\Timer; use Drupal\Component\Utility\Unicode; -use Drupal\Component\Utility\Url; +use Drupal\Component\Utility\UrlValidator; use Drupal\Core\DrupalKernel; use Drupal\Core\Database\Database; use Drupal\Core\DependencyInjection\ContainerBuilder; diff --git a/core/includes/common.inc b/core/includes/common.inc index 4c9a20e..8685360 100644 --- a/core/includes/common.inc +++ b/core/includes/common.inc @@ -2,7 +2,7 @@ use Drupal\Component\Utility\Crypt; use Drupal\Component\Utility\String; -use Drupal\Component\Utility\Url; +use Drupal\Component\Utility\UrlValidator; use Drupal\Component\Utility\Xss; use Drupal\Core\Cache\Cache; use Drupal\Core\Language\Language; @@ -809,29 +809,11 @@ function valid_email_address($mail) { * * @return * TRUE if the URL is in a valid format. + * + * @see \Drupal\Component\Utility\UrlValidator::isValid() */ function valid_url($url, $absolute = FALSE) { - if ($absolute) { - return (bool)preg_match(" - /^ # Start at the beginning of the text - (?:ftp|https?|feed):\/\/ # Look for ftp, http, https or feed schemes - (?: # Userinfo (optional) which is typically - (?:(?:[\w\.\-\+!$&'\(\)*\+,;=]|%[0-9a-f]{2})+:)* # a username or a username and password - (?:[\w\.\-\+%!$&'\(\)*\+,;=]|%[0-9a-f]{2})+@ # combination - )? - (?: - (?:[a-z0-9\-\.]|%[0-9a-f]{2})+ # A domain name or a IPv4 address - |(?:\[(?:[0-9a-f]{0,4}:)*(?:[0-9a-f]{0,4})\]) # or a well formed IPv6 address - ) - (?::[0-9]+)? # Server port number (optional) - (?:[\/|\?] - (?:[\w#!:\.\?\+=&@$'~*,;\/\(\)\[\]\-]|%[0-9a-f]{2}) # The path and query (optional) - *)? - $/xi", $url); - } - else { - return (bool)preg_match("/^(?:[\w#!:\.\?\+=&@$'~*,;\/\(\)\[\]\-]|%[0-9a-f]{2})+$/i", $url); - } + return UrlValidator::isValid($url, $absolute); } /** @@ -916,7 +898,7 @@ function valid_number_step($value, $step, $offset = 0.0) { * @see \Drupal\Component\Utility\Url::stripDangerousProtocols() */ function drupal_strip_dangerous_protocols($uri) { - return Url::stripDangerousProtocols($uri); + return UrlValidator::stripDangerousProtocols($uri); } /** @@ -938,7 +920,7 @@ function drupal_strip_dangerous_protocols($uri) { * @see \Drupal\Component\Utility\String::checkPlain() */ function check_url($uri) { - return String::checkPlain(Url::stripDangerousProtocols($uri)); + return String::checkPlain(UrlValidator::stripDangerousProtocols($uri)); } /** @@ -1006,7 +988,7 @@ function filter_xss($string, $allowed_tags = array('a', 'em', 'strong', 'cite', * @see \Drupal\Component\Utility\Url::filterBadProtocol() */ function filter_xss_bad_protocol($string) { - return Url::filterBadProtocol($string); + return UrlValidator::filterBadProtocol($string); } /** @@ -4366,7 +4348,7 @@ function _drupal_bootstrap_code() { // of allowed protocols for these cases. $allowed_protocols = array('http', 'https'); } - Url::setAllowedProtocols($allowed_protocols); + UrlValidator::setAllowedProtocols($allowed_protocols); } /** diff --git a/core/lib/Drupal/Component/Utility/UrlValidator.php b/core/lib/Drupal/Component/Utility/UrlValidator.php index aa2cd32..4772373 100644 --- a/core/lib/Drupal/Component/Utility/UrlValidator.php +++ b/core/lib/Drupal/Component/Utility/UrlValidator.php @@ -112,21 +112,21 @@ public static function stripDangerousProtocols($uri) { public static function isValid($url, $absolute = FALSE) { if ($absolute) { return (bool) preg_match(" - /^ # Start at the beginning of the text - (?:ftp|https?|feed):\/\/ # Look for ftp, http, https or feed schemes - (?: # Userinfo (optional) which is typically - (?:(?:[\w\.\-\+!$&'\(\)*\+,;=]|%[0-9a-f]{2})+:)* # a username or a username and password - (?:[\w\.\-\+%!$&'\(\)*\+,;=]|%[0-9a-f]{2})+@ # combination - )? - (?: - (?:[a-z0-9\-\.]|%[0-9a-f]{2})+ # A domain name or a IPv4 address - |(?:\[(?:[0-9a-f]{0,4}:)*(?:[0-9a-f]{0,4})\]) # or a well formed IPv6 address - ) - (?::[0-9]+)? # Server port number (optional) - (?:[\/|\?] - (?:[\w#!:\.\?\+=&@$'~*,;\/\(\)\[\]\-]|%[0-9a-f]{2}) # The path and query (optional) - *)? - $/xi", $url); + /^ # Start at the beginning of the text + (?:ftp|https?|feed):\/\/ # Look for ftp, http, https or feed schemes + (?: # Userinfo (optional) which is typically + (?:(?:[\w\.\-\+!$&'\(\)*\+,;=]|%[0-9a-f]{2})+:)* # a username or a username and password + (?:[\w\.\-\+%!$&'\(\)*\+,;=]|%[0-9a-f]{2})+@ # combination + )? + (?: + (?:[a-z0-9\-\.]|%[0-9a-f]{2})+ # A domain name or a IPv4 address + |(?:\[(?:[0-9a-f]{0,4}:)*(?:[0-9a-f]{0,4})\]) # or a well formed IPv6 address + ) + (?::[0-9]+)? # Server port number (optional) + (?:[\/|\?] + (?:[\w#!:\.\?\+=&@$'~*,;\/\(\)\[\]\-]|%[0-9a-f]{2}) # The path and query (optional) + *)? + $/xi", $url); } else { return (bool) preg_match("/^(?:[\w#!:\.\?\+=&@$'~*,;\/\(\)\[\]\-]|%[0-9a-f]{2})+$/i", $url); diff --git a/core/lib/Drupal/Component/Utility/Xss.php b/core/lib/Drupal/Component/Utility/Xss.php index 76ab4fe..4009782 100644 --- a/core/lib/Drupal/Component/Utility/Xss.php +++ b/core/lib/Drupal/Component/Utility/Xss.php @@ -224,7 +224,7 @@ protected static function attributes($attr) { case 2: // Attribute value, a URL after href= for instance. if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) { - $thisval = Url::filterBadProtocol($match[1]); + $thisval = UrlValidator::filterBadProtocol($match[1]); if (!$skip) { $attrarr[] = "$attrname=\"$thisval\""; @@ -236,7 +236,7 @@ protected static function attributes($attr) { } if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) { - $thisval = Url::filterBadProtocol($match[1]); + $thisval = UrlValidator::filterBadProtocol($match[1]); if (!$skip) { $attrarr[] = "$attrname='$thisval'"; @@ -247,7 +247,7 @@ protected static function attributes($attr) { } if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) { - $thisval = Url::filterBadProtocol($match[1]); + $thisval = UrlValidator::filterBadProtocol($match[1]); if (!$skip) { $attrarr[] = "$attrname=\"$thisval\"";