From 5719d6b1d731f4602a0bbfcbbf76bdfc4cabb649 Mon Sep 17 00:00:00 2001 From: "C. Scott Ananian" Date: Fri, 28 Aug 2015 10:23:47 -0400 Subject: [PATCH] Be a little more conservative with the IPv6 support in the Sanitizer. This isn't strictly necessary, but it matches the production used in Parsoid better. Change-Id: I542b1f71fe9e917fef5718a6df8ebb98735f7fb4 --- includes/Sanitizer.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/Sanitizer.php b/includes/Sanitizer.php index fbf3234407..c02bdc996f 100644 --- a/includes/Sanitizer.php +++ b/includes/Sanitizer.php @@ -1809,7 +1809,7 @@ class Sanitizer { $host = preg_replace( $strip, '', $host ); // IPv6 host names are bracketed with []. Url-decode these. - if ( substr_compare( "//%5B", $host, 0, 5 ) === 0 && preg_match( '!^//%5B(.*?)%5D((:\d+)?)$!', $host, $matches ) ) { + if ( substr_compare( "//%5B", $host, 0, 5 ) === 0 && preg_match( '!^//%5B([0-9A-Fa-f:.]+)%5D((:\d+)?)$!', $host, $matches ) ) { $host = '//[' . $matches[1] . ']' . $matches[2]; } -- 2.20.1