$text = $bits[$i++];
$trail = $bits[$i++];
+ # The characters '<' and '>' (which were escaped by
+ # removeHTMLtags()) should not be included in
+ # URLs, per RFC 2396.
+ if (preg_match('/&(lt|gt);/', $url, $m2, PREG_OFFSET_CAPTURE)) {
+ $trail = substr($url, $m2[0][1]) . $trail;
+ $url = substr($url, 0, $m2[0][1]);
+ }
+
# If the link text is an image URL, replace it with an <img> tag
# This happened by accident in the original parser, but some people used it extensively
$img = $this->maybeMakeImageLink( $text );
$url = $protocol . $m[1];
$trail = $m[2];
+ # The characters '<' and '>' (which were escaped by
+ # removeHTMLtags()) should not be included in
+ # URLs, per RFC 2396.
+ if (preg_match('/&(lt|gt);/', $url, $m2, PREG_OFFSET_CAPTURE)) {
+ $trail = substr($url, $m2[0][1]) . $trail;
+ $url = substr($url, 0, $m2[0][1]);
+ }
+
# Move trailing punctuation to $trail
$sep = ',;\.:!?';
# If there is no left bracket, then consider right brackets fair game too
$url = substr( $url, 0, -$numSepChars );
}
- # Replace & from obsolete syntax with &;
- # undo escaping of '<' and '>' by removeHTMLtags(),
- # to prevent double-escaping. All HTML entities will
- # be escaped by makeExternalLink() or maybeMakeImageLink()
- $url = str_replace( array('&', '<', '>'), array('&', '<', '>'), $url );
+ # Replace & from obsolete syntax with &.
+ # All HTML entities will be escaped by makeExternalLink()
+ # or maybeMakeImageLink()
+ $url = str_replace( '&', '&', $url );
# Is this an external image?
$text = $this->maybeMakeImageLink( $url );