Ticket #5114 (closed enhancement: fixed)
wp_safe_redirect() case sensitive for hostnames
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Priority: | normal | Milestone: | 2.3.1 |
| Component: | General | Version: | 2.3 |
| Severity: | normal | Keywords: | has-patch needs-testing |
| Cc: |
Description
For instance, when I enter a post password, no matter whether it was correct, I get redirected to my wp-admin folder instead of the form's page. I had set my hostname to contain uppercase letters as an experiment.
Exploring the source code made it apparent that the check in wp_safe_redirect() is case sensitive, i.e. hostname http://www.EXAMPLE.com does not match http://www.example.com.
Attachments
-
pluggable.php.diff
(665 bytes) -
added by BoltClock 4 years ago.
-
5114.2.diff
(640 bytes) -
added by markjaquith 4 years ago.
-
5114.3.diff
(594 bytes) -
added by markjaquith 4 years ago.
Change History
comment:4
markjaquith — 4 years ago
- Milestone changed from 2.3.1 to 2.4
5114.2.diff adds a strtolower()'d version of the host into the allowed_hosts array. So you can match by being lowercase or by matching exactly. Milestone of 2.4 before 2.3.1
comment:5
markjaquith — 4 years ago
5114.3.diff only does the strtolower() if the raw version doesn't match.
comment:6
markjaquith — 4 years ago
- Status changed from new to closed
- Resolution set to fixed
comment:7
markjaquith — 4 years ago
- Status changed from closed to reopened
- Resolution fixed deleted
- Milestone changed from 2.4 to 2.3.1
comment:8
markjaquith — 4 years ago
- Status changed from reopened to closed
- Resolution set to fixed
Note: See
TracTickets for help on using
tickets.
