Changeset 23570


Timestamp:
03/01/13 17:20:32 (3 years ago)
Author:
ryan
Message:

Always wp_unslash() the return of wp_get_referer().

see #21767

Location:
trunk
Files:
4 edited

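--- a/trunk/wp-admin/edit-form-advanced.php
+++ b/trunk/wp-admin/edit-form-advanced.php
@@ -315,5 +315,5 @@
 <input type="hidden" id="post_type" name="post_type" value="<?php echo esc_attr( $post_type ) ?>" />
 <input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo esc_attr( $post->post_status) ?>" />
-<input type="hidden" id="referredby" name="referredby" value="<?php echo esc_url(wp_unslash(wp_get_referer())); ?>" />
+<input type="hidden" id="referredby" name="referredby" value="<?php echo esc_url(wp_get_referer()); ?>" />
 <?php if ( ! empty( $active_post_lock ) ) { ?>
 <input type="hidden" id="active_post_lock" value="<?php echo esc_attr( implode( ':', $active_post_lock ) ); ?>" />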
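--- a/trunk/wp-admin/upgrade.php
+++ b/trunk/wp-admin/upgrade.php
@@ -78,5 +78,5 @@
 switch ( $step ) :
     case 0:
-        $goback = wp_unslash( wp_get_referer() );
+        $goback = wp_get_referer();
         $goback = esc_url_raw( $goback );
         $goback = urlencode( $goback );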
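--- a/trunk/wp-admin/user-edit.php
+++ b/trunk/wp-admin/user-edit.php
@@ -55,5 +55,5 @@
 );
 
-$wp_http_referer = remove_query_arg(array('update', 'delete_count'), stripslashes($wp_http_referer));
+$wp_http_referer = remove_query_arg(array('update', 'delete_count'), $wp_http_referer );
 
 $user_can_edit = current_user_can( 'edit_posts' ) || current_user_can( 'edit_pages' );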
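Review bot: Dropping stripslashes() on line 57 makes the unslashing of $wp_http_referer depend on wherever that variable is assigned, which is above the hunk (line 55 only closes that call), and this value is a request parameter rather than the return of wp_get_referer() that the commit message covers. If the assignment does not already wp_unslash() it, a referer containing quotes will now carry its added backslashes through remove_query_arg(), so that call should be checked and the assumption recorded with a comment such as `// $wp_http_referer is already unslashed where it is set above`. The point where this value is later used as a redirect target is not visible here; it still needs validation or escaping there, since the hunk only strips query arguments.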
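--- a/trunk/wp-includes/functions.php
+++ b/trunk/wp-includes/functions.php
@@ -1284,5 +1284,5 @@
 
     if ( $ref && $ref !== $_SERVER['REQUEST_URI'] )
-        return $ref;
+        return wp_unslash( $ref );
     return false;
 }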
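Review bot: The guard on line 1285 compares the still-slashed $ref against $_SERVER['REQUEST_URI'], while line 1286 now returns the unslashed value, so a referer that differs from REQUEST_URI only by added backslashes passes the inequality and is returned instead of being treated as a self-referer. Unslashing once before the comparison keeps the two consistent: `$ref = wp_unslash( $ref );` ahead of the `if`, with line 1286 reverting to `return $ref;`. The function's opening and docblock are outside the hunk; the docblock's return description should now state that the referer is returned unslashed and that callers must still validate or escape it at the point of use, as the esc_url()/esc_url_raw() calls in the other files of this changeset do, since the value presumably originates from request headers or parameters.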