wp_get_referer() doesn't return false when the referer URL is the same as the current URL
|Reported by:||garyc40||Owned by:|
Inside wp_get_referer(), there's this conditional statement:
if ( $ref && $ref !== $_SERVER['REQUEST_URI'] )
It is there to ensure that wp_get_referer() doesn't return the same page I'm on. This is useful when redirecting because I can detect and avoid infinite redirection.
According to PHP documentation, $_SERVER['REQUEST_URI'] is only the URI on the host. As a result, the conditional statement above fails in this case:
Let's say I was redirected from http://example.com/sample-uri to itself (either by clicking a link or a form submission). Then:
$ref = 'http://example.com/sample-uri'; $_SERVER['REQUEST_URI'] = '/sample-uri';
So technically, the referrer is the same page, but wp_get_referer() doesn't return false as expected, because $ref !== $_SERVER['REQUEST_URI'].
A better conditional statement would be:
if ( $ref && parse_url( $ref, PHP_URL_PATH ) !== $_SERVER['REQUEST_URI'] )
I'm using PHP 5.3.6, Apache 2.2.20.
Change History (9)
- Keywords needs-unit-tests added
- Milestone changed from 3.4 to Future Release