Changeset 40313 for trunk/src/wp-admin/nav-menus.php

Timestamp:

03/22/2017 11:03:28 PM (8 years ago)

Author:

westonruter

Message:

Customize: Prevent links to customize.php from being generated which have query vars from wp_removable_query_args() present.

Props dlh.
See #23367, #32692.
Fixes #31850.

File:

• trunk/src/wp-admin/nav-menus.php (modified) (1 diff)

trunk/src/wp-admin/nav-menus.php

@@ -585 +585 @@
             esc_url( add_query_arg( array(
                 array( 'autofocus' => $focus ),
-                'return' => urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ),
+                'return' => urlencode( remove_query_arg( wp_removable_query_args(), wp_unslash( $_SERVER['REQUEST_URI'] ) ) ),
             ), admin_url( 'customize.php' ) ) ),
             __( 'Manage with Live Preview' )