WordPress.org

Make WordPress Core


Ignore:
Timestamp:
07/01/2014 03:55:04 PM (8 years ago)
Author:
SergeyBiryukov
Message:

Asterisk is an allowed character in a URI and should not be stripped out by wp_sanitize_redirect().

fixes #28362.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/pluggable.php

    r28903 r28939  
    11611161 **/
    11621162function wp_sanitize_redirect($location) {
    1163     $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!]|i', '', $location);
     1163    $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!*]|i', '', $location);
    11641164    $location = wp_kses_no_null($location);
    11651165
Note: See TracChangeset for help on using the changeset viewer.