Project

General

Profile

Revision b0dc3a2e

Added by Julien Enselme over 7 years ago

Update to Drupal 7.52

View differences:

drupal7/includes/locale.inc
435 435
    switch (variable_get('locale_language_negotiation_url_part', LOCALE_LANGUAGE_NEGOTIATION_URL_PREFIX)) {
436 436
      case LOCALE_LANGUAGE_NEGOTIATION_URL_DOMAIN:
437 437
        if ($options['language']->domain) {
438
          // Save the original base URL. If it contains a port, we need to
439
          // retain it below.
440
          if (!empty($options['base_url'])) {
441
            // The colon in the URL scheme messes up the port checking below.
442
            $normalized_base_url = str_replace(array('https://', 'http://'), '', $options['base_url']);
443
          }
444

  
438 445
          // Ask for an absolute URL with our modified base_url.
439 446
          global $is_https;
440 447
          $url_scheme = ($is_https) ? 'https://' : 'http://';
......
449 456

  
450 457
          // Apply the appropriate protocol to the URL.
451 458
          $options['base_url'] = $url_scheme . $host;
459

  
460
          // In case either the original base URL or the HTTP host contains a
461
          // port, retain it.
462
          $http_host = $_SERVER['HTTP_HOST'];
463
          if (isset($normalized_base_url) && strpos($normalized_base_url, ':') !== FALSE) {
464
            list($host, $port) = explode(':', $normalized_base_url);
465
            $options['base_url'] .= ':' . $port;
466
          }
467
          elseif (strpos($http_host, ':') !== FALSE) {
468
            list($host, $port) = explode(':', $http_host);
469
            $options['base_url'] .= ':' . $port;
470
          }
471

  
452 472
          if (isset($options['https']) && variable_get('https', FALSE)) {
453 473
            if ($options['https'] === TRUE) {
454 474
              $options['base_url'] = str_replace('http://', 'https://', $options['base_url']);
......
523 543
 * possible attack vector (img).
524 544
 */
525 545
function locale_string_is_safe($string) {
546
  // Some strings have tokens in them. For tokens in the first part of href or
547
  // src HTML attributes, filter_xss() removes part of the token, the part
548
  // before the first colon.  filter_xss() assumes it could be an attempt to
549
  // inject javascript. When filter_xss() removes part of tokens, it causes the
550
  // string to not be translatable when it should be translatable. See
551
  // LocaleStringIsSafeTest::testLocaleStringIsSafe().
552
  //
553
  // We can recognize tokens since they are wrapped with brackets and are only
554
  // composed of alphanumeric characters, colon, underscore, and dashes. We can
555
  // be sure these strings are safe to strip out before the string is checked in
556
  // filter_xss() because no dangerous javascript will match that pattern.
557
  //
558
  // @todo Do not strip out the token. Fix filter_xss() to not incorrectly
559
  //   alter the string. https://www.drupal.org/node/2372127
560
  $string = preg_replace('/\[[a-z0-9_-]+(:[a-z0-9_-]+)+\]/i', '', $string);
561

  
526 562
  return decode_entities($string) == decode_entities(filter_xss($string, array('a', 'abbr', 'acronym', 'address', 'b', 'bdo', 'big', 'blockquote', 'br', 'caption', 'cite', 'code', 'col', 'colgroup', 'dd', 'del', 'dfn', 'dl', 'dt', 'em', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'hr', 'i', 'ins', 'kbd', 'li', 'ol', 'p', 'pre', 'q', 'samp', 'small', 'span', 'strong', 'sub', 'sup', 'table', 'tbody', 'td', 'tfoot', 'th', 'thead', 'tr', 'tt', 'ul', 'var')));
527 563
}
528 564

  
......
631 667
 *   translations).
632 668
 */
633 669
function _locale_import_po($file, $langcode, $mode, $group = NULL) {
634
  // Try to allocate enough time to parse and import the data.
635
  drupal_set_time_limit(240);
636

  
637 670
  // Check if we have the language already in the database.
638 671
  if (!db_query("SELECT COUNT(language) FROM {languages} WHERE language = :language", array(':language' => $langcode))->fetchField()) {
639 672
    drupal_set_message(t('The language selected for import is not supported.'), 'error');
......
717 750
  $lineno = 0;
718 751

  
719 752
  while (!feof($fd)) {
753
    // Refresh the time limit every 10 parsed rows to ensure there is always
754
    // enough time to import the data for large PO files.
755
    if (!($lineno % 10)) {
756
      drupal_set_time_limit(30);
757
    }
758

  
720 759
    // A line should not be longer than 10 * 1024.
721 760
    $line = fgets($fd, 10 * 1024);
722 761

  

Also available in: Unified diff