From 858576b2dc5f42c836677f0b49867d88a264645b Mon Sep 17 00:00:00 2001
From: ozh
Date: Tue, 28 Jul 2015 12:42:59 +0200
Subject: [PATCH] Trim URL before sanitizing. Fixes #1931

---
 includes/functions-formatting.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/includes/functions-formatting.php b/includes/functions-formatting.php
index e2f36fa..b253f13 100644
--- a/includes/functions-formatting.php
+++ b/includes/functions-formatting.php
@@ -487,6 +487,9 @@ function yourls_esc_attr( $text ) {
 * @return string The cleaned $url
 */
 function yourls_esc_url( $url, $context = 'display', $protocols = array() ) {
+ // trim first -- see #1931
+ $url = trim( $url );
+
 // make sure there's only one 'http://' at the beginning (prevents pasting a URL right after the default 'http://')
 $url = str_replace(
 array( 'http://http://', 'http://https://' ),
-- 
2.45.0
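Review bot: The added `$url = trim( $url );` relies on trim()'s default character list, which covers only ASCII space, tab, newline, carriage return, NUL and vertical tab, so a URL that begins with other invisible bytes (a UTF-8 non-breaking space, other control characters) still reaches the `str_replace` and the rest of the function unchanged. yourls_esc_url's body continues outside the hunk, so I cannot tell whether later steps strip those; if this function is what decides which protocols are accepted, that is worth confirming with a test that feeds it leading and trailing control characters. The comment `// trim first -- see #1931` also sends the reader to the tracker for the reason; I would state it in place, e.g. `// Trim surrounding whitespace before any prefix or protocol handling, so the checks see the real start of the URL (#1931)`, assuming that is what #1931 was about.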