Ticket #9817 (closed defect (bug): fixed)

Opened 3 years ago

Last modified 3 years ago

wp_login_url() doesn't urlencode() the redirect value

Reported by: Viper007Bond Owned by:
Priority: normal Milestone: 2.8
Component: General Version: 2.8
Severity: normal Keywords: has-patch needs-testing
Cc:

Description

To reproduce:

  1. Log out of your dev blog.
  2. Visit http://yoursite.com/wp-admin/index.php?foo=bar&test=ing&word=press.
  3. You will be redirected to http://yoursite.com/wp-login.php?redirect_to=http://yoursite.com/wp-admin/index.php?foo=bar&test=ing&word=press.
  4. After logging in, you will end up at http://yoursite.com/wp-admin/index.php?foo=bar due to the lack of URL encoding in the redirect_to value.

Attached patch urlencode()'s the value so that the redirect works properly.

Attachments

9817.patch Download (535 bytes) - added by Viper007Bond 3 years ago.

Change History

Viper007Bond3 years ago

comment:1   Viper007Bond3 years ago

Hmm, perhaps add_query_arg() should urlencode() instead...

comment:2   ryan3 years ago

  • Milestone changed from Unassigned to 2.8

comment:3   ryan3 years ago

  • Status changed from new to closed
  • Resolution set to fixed

(In [11328]) urlencode login redirect. Props Viper007Bond. fixes #9817

Note: See TracTickets for help on using tickets.