Ticket #2800: 2800.2.diff

functions.php

@@ -1049 +1049 @@
 
 function wp_nonce_field($action = -1) {
         echo '<input type="hidden" name="_wpnonce" value="' . wp_create_nonce($action) . '" />';
+        wp_referer_field();
 }
 
+function wp_referer_field() {
+        echo '<input type="hidden" name="_wphttp_referer" value="'. wp_specialchars(stripslashes($_SERVER['REQUEST_URI'])) . '" />';
+}
+
 function wp_mkdir_p($target) {
         // from php.net/mkdir user contributed notes
         if (file_exists($target)) {

pluggable-functions.php

@@ -231 +231 @@
 function check_admin_referer($action = -1) {
         global $pagenow, $menu, $submenu, $parent_file, $submenu_file;;
         $adminurl = strtolower(get_settings('siteurl')).'/wp-admin';
-        $referer = strtolower($_SERVER['HTTP_REFERER']);
+        $referer = (empty($_POST['_wphttp_referer'])) ? strtolower($_SERVER['HTTP_REFERER']) : strtolower($_POST['wp_http_referer']);
         if ( !wp_verify_nonce($_REQUEST['_wpnonce'], $action) &&
                 !(-1 == $action && strstr($referer, $adminurl)) ) {
                 if ( $referer )