WordPress.org

Make WordPress Core

Ticket #18818: 18818.diff

File 18818.diff, 536 bytes (added by theandystratton, 3 years ago)

Allows @ symbol in wp_sanitize_redirect

  • wp-includes/pluggable.php

     
    877877 * @return string redirect-sanitized URL 
    878878 **/ 
    879879function wp_sanitize_redirect($location) { 
    880         $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!]|i', '', $location); 
     880        $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!@]|i', '', $location); 
    881881        $location = wp_kses_no_null($location); 
    882882 
    883883        // remove %0d and %0a from location