
Ticket #4606: wp2-4606.003.diff

File wp2-4606.003.diff, 3.2 KB (added by snakefoot, 7 years ago)

Fix for branch 2.0 (With host filter)

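--- a/wp-includes/pluggable-functions.php
+++ b/wp-includes/pluggable-functions.php
@@ -259,7 +259,31 @@
 function wp_redirect($location, $status = 302) {
         global $is_IIS;
 
+        $location = apply_filters('wp_redirect', $location, $status);
+
+        if ( !$location ) // allows the wp_redirect filter to cancel a redirect
+                return false;
+
+        $location = wp_sanitize_redirect($location);
+
+        if ( $is_IIS ) {
+                header("Refresh: 0;url=$location");
+        } else {
+                if ( php_sapi_name() != 'cgi-fcgi' )
+                        status_header($status); // This causes problems on IIS and some FastCGI setups
+                header("Location: $location");
+        }
+}
+endif;
+
+if ( !function_exists('wp_sanitize_redirect') ) :
+/**
+* sanitizes a URL for use in a redirect
+* @return string redirect-sanitized URL
+**/
+function wp_sanitize_redirect($location) {
         $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%]|i', '', $location);
+        $location = wp_kses_no_null($location);
 
         // remove %0d and %0a from location
         $strip = array('%0d', '%0a');
@@ -273,14 +297,33 @@
                         }
                 }
         }
+        return $location;
+}
+endif;
 
-        if ( $is_IIS ) {
-                header("Refresh: 0;url=$location");
-        } else {
-                if ( php_sapi_name() != 'cgi-fcgi' )
-                        status_header($status); // This causes problems on IIS and some FastCGI setups
-                header("Location: $location");
-        }
+if ( !function_exists('wp_safe_redirect') ) :
+/**
+* performs a safe (local) redirect, using wp_redirect()
+* @return void
+**/
+function wp_safe_redirect($location, $status = 302) {
+
+        // Need to look at the URL the way it will end up in wp_redirect()
+        $location = wp_sanitize_redirect($location);
+
+        // browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//'
+        if ( substr($location, 0, 2) == '//' )
+                $location = 'http:' . $location;
+
+        $lp  = parse_url($location);
+        $wpp = parse_url(get_option('home'));
+
+        $allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']));
+
+        if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) )
+                $location = get_option('siteurl') . '/wp-admin/';
+        
+        wp_redirect($location, $status);
 }
 endif;
 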
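Review bot: The host comparison in wp_safe_redirect is case-inconsistent: `in_array($lp['host'], $allowed_hosts)` matches case-sensitively (and loosely), while the second clause lowercases only `$wpp['host']`, so a mixed-case host that is in fact the home host still falls through to the wp-admin fallback. Normalise both sides before comparing, e.g. `$host = strtolower($lp['host']);` followed by `if ( !in_array($host, array_map('strtolower', $allowed_hosts), true) && $host != strtolower($wpp['host']) )`. When `parse_url()` returns false for a location it cannot parse, `isset($lp['host'])` is false and the location reaches wp_redirect() unchanged, so `$lp === false` should be treated like a foreign host. The check also looks only at the host and never at `$lp['scheme']`; limiting accepted schemes to http and https would be a sensible defensive follow-up.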
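--- a/wp-login.php
+++ b/wp-login.php
@@ -29,7 +29,7 @@
         if ( isset($_REQUEST['redirect_to']) )
                 $redirect_to = $_REQUEST['redirect_to'];
                         
-        wp_redirect($redirect_to);
+        wp_safe_redirect($redirect_to);
         exit();
 
 break;
@@ -198,7 +198,7 @@
                         if ( !$using_cookie )
                                 wp_setcookie($user_login, $user_pass, false, '', '', $rememberme);
                         do_action('wp_login', $user_login);
-                        wp_redirect($redirect_to);
+                        wp_safe_redirect($redirect_to);
                         exit;
                 } else {
                         if ( $using_cookie )                     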
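Review bot: In the first hunk `$redirect_to` is only assigned when `$_REQUEST['redirect_to']` is set, and the enclosing case starts above the hunk, so it is not visible whether a default exists; if none does, wp_safe_redirect() sanitises an empty value, wp_redirect() returns false without sending a header, and `exit();` then ends the request with a blank response. An explicit default next to the assignment, such as `$redirect_to = isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : get_option('siteurl') . '/wp-admin/';`, keeps the fallback visible where the request value is read. The same consideration applies to the second hunk at line 201, whose `$redirect_to` is also assigned outside the hunk.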
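--- a/wp-pass.php
+++ b/wp-pass.php
@@ -7,5 +7,5 @@
 // 10 days
 setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH);
 
-wp_redirect(wp_get_referer());
+wp_safe_redirect(wp_get_referer());
 ?>
\ No newline at end of file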
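Review bot: `wp_safe_redirect(wp_get_referer())` has no fallback when there is no usable referer: if wp_get_referer() returns false or an empty string, wp_safe_redirect() passes an empty location on to wp_redirect(), which returns false without sending any header, and the script then ends silently right after setting the cookie. Resolving the referer first and substituting a local default, e.g. `$referer = wp_get_referer();` then `wp_safe_redirect($referer ? $referer : get_option('home'));`, gives the user somewhere to land. An `exit;` after the redirect call would also match the convention the same patch follows in wp-login.php.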