Ticket #16449: incorrect_referer_check.patch
| File incorrect_referer_check.patch, 536 bytes (added by , 12 years ago) |
|---|
-
wp-includes/pluggable.php
old new 825 825 $adminurl = strtolower(admin_url()); 826 826 $referer = strtolower(wp_get_referer()); 827 827 $result = isset($_REQUEST[$query_arg]) ? wp_verify_nonce($_REQUEST[$query_arg], $action) : false; 828 if ( !$result && !(-1 == $action && strpos($referer, $adminurl) !== false) ) {828 if ( !$result && !(-1 == $action && strpos($referer, $adminurl) === 0) ) { 829 829 wp_nonce_ays($action); 830 830 die(); 831 831 }