WordPress.org

Make WordPress Core

Ticket #18818: 18818.diff

File 18818.diff, 536 bytes (added by theandystratton, 7 years ago)

Allows @ symbol in wp_sanitize_redirect

  • wp-includes/pluggable.php

     
    877877 * @return string redirect-sanitized URL
    878878 **/
    879879function wp_sanitize_redirect($location) {
    880         $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!]|i', '', $location);
     880        $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!@]|i', '', $location);
    881881        $location = wp_kses_no_null($location);
    882882
    883883        // remove %0d and %0a from location