diff options
| -rw-r--r-- | includes/common.inc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/includes/common.inc b/includes/common.inc index 2375a93c3..f87d9b6c5 100644 --- a/includes/common.inc +++ b/includes/common.inc @@ -908,7 +908,7 @@ function url($path = NULL, $query = NULL, $fragment = NULL, $absolute = FALSE) { // Return an external link if $path contains an allowed absolute URL. // Only call the slow filter_xss_bad_protocol if $path contains a ':'. - if (strpos($path, ':') !== FALSE && filter_xss_bad_protocol($path) == $path) { + if (strpos($path, ':') !== FALSE && filter_xss_bad_protocol($path, FALSE) == check_plain($path)) { // Split off the fragment if (strpos($path, '#')) { list($path, $old_fragment) = explode('#', $path, 2); |