Make WordPress Core

Ticket #4606: 4606.patch

File 4606.patch, 687 bytes (added by hakre, 12 years ago)

Patch to solve remote 302 redirect injection flaw #4606

  • wp-pass.php

     
    77// 10 days
    88setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH);
    99
    10 wp_redirect(wp_get_referer());
     10
     11/*
     12 * ensure to only redirect to pages on the same domain
     13 *
     14 * @see #4606
     15 */
     16$redirect_url = wp_get_referer();
     17$bloghome_url = get_option('home');
     18
     19if (substr($redirect_url, 0, strlen($bloghome_url)) != $bloghome_url) {
     20        wp_die('Request Error. Please contact the Administrator.');
     21} else {
     22        wp_redirect($redirect_url);
     23}
    1124?>
     25 No newline at end of file
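Review bot: The prefix comparison on new line 19 is too loose to establish "same domain": `substr($redirect_url, 0, strlen($bloghome_url)) != $bloghome_url` accepts any referer that merely starts with the home URL string, so with a home of `http://example.com` a referer whose host is `example.com.other.example` (or whose path continues the string in any way) still passes. Compare the components instead of the raw prefix, e.g. `strtolower(parse_url($redirect_url, PHP_URL_HOST)) === strtolower(parse_url($bloghome_url, PHP_URL_HOST))` together with the scheme, or at minimum require the character following the prefix to be `/`, `?`, `#` or end of string. Two smaller points on the same lines: `wp_get_referer()` can return `false`, which the `substr` check happens to reject but which deserves an explicit branch rather than falling into the generic "Request Error" message, and the `wp_die()` string on line 20 should be wrapped in `__()` like other user-facing strings in core.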