Make WordPress Core

Context Navigation

← Previous Ticket
Next Ticket →

Opened 21 months ago

Closed 19 months ago

Last modified 19 months ago

#18936 closed defect (bug) (fixed)

Site Themes Administration Screen doesn't work properly with referers disabled

Reported by:	Viper007Bond	Owned by:	nacin
Priority:	normal	Milestone:	3.3
Component:	Administration	Version:	3.3
Severity:	normal	Keywords:	has-patch
Cc:

Description

Disable sending a referer header, then visit /wp-admin/network/site-themes.php?id=XXXXXX and enable a theme. You get redirected to site-themes.php?enabled=1 because no referer is passed in the hyperlink and one isn't sent by the browser.

Solution is to either include the referer in each (dis|en)able link or to have the $referer used in the wp_redirect() always add in the ID to the URL.

I opted for the second.

There are probably other places where this happens too -- where we rely too much on the referer to construct the redirect URL and provide the required arguments.

Attachments (1)

18936.patch (584 bytes) - added by Viper007Bond 21 months ago.: Needs testing

Download all attachments as: .zip

Change History (5)

Viper007Bond — 21 months ago

Attachment 18936.patch added

Needs testing

comment:1 Viper007Bond — 21 months ago

Keywords needs-testing added

comment:2 Viper007Bond — 21 months ago

Keywords needs-testing removed

Nevermind. Tested this on WP.com and it works as expected.

comment:3 nacin — 19 months ago

Owner set to nacin
Resolution set to fixed
Status changed from new to closed

Pass 'id' on network/site-themes in the case of disabled referers. props Viper007Bond, fixes #18936.

comment:4 SergeyBiryukov — 19 months ago

Milestone changed from Awaiting Review to 3.3

Note: See TracTickets for help on using tickets.

Download in other formats: