

Timestamp:
10/14/2019 07:16:30 PM (5 years ago)
Author:
whyisjake
Message:

Backporting several bug fixes.

  • Query: Remove the static query property.
  • HTTP API: Protect against hex interpretation.
  • Filesystem API: Prevent directory traversals when creating new folders.
  • Administration: Ensure that admin referer nonce is valid.
  • REST API: Send a Vary: Origin header on GET requests.
  • Customizer: Properly sanitize background images.

Backports [46474], [46475], [46476], [46477], [46478], [46483], [46485] to the 4.1 branch.

Location:
branches/4.1
Files:
2 edited

  • branches/4.1

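--- a/branches/4.1/src/wp-includes/pluggable.php
+++ b/branches/4.1/src/wp-includes/pluggable.php
@@ -1064,7 +1064,7 @@
  * @param string     $query_arg Where to look for nonce in $_REQUEST (since 2.5)
  */
-function check_admin_referer($action = -1, $query_arg = '_wpnonce') {
-    if ( -1 == $action )
-        _doing_it_wrong( __FUNCTION__, __( 'You should specify a nonce action to be verified by using the first parameter.' ), '3.2' );
+function check_admin_referer( $action = -1, $query_arg = '_wpnonce' ) {
+    if ( -1 === $action )
+        _doing_it_wrong( __FUNCTION__, __( 'You should specify a nonce action to be verified by using the first parameter.' ), '3.2.0' );
 
     $adminurl = strtolower(admin_url());
@@ -1085,4 +1085,10 @@
      */
     do_action( 'check_admin_referer', $action, $result );
+
+    if ( ! $result && ! ( -1 === $action && strpos( $referer, $adminurl ) === 0 ) ) {
+        wp_nonce_ays( $action );
+        die();
+    }
+
     return $result;
 }
@@ -1099,4 +1105,7 @@
  */
 function check_ajax_referer( $action = -1, $query_arg = false, $die = true ) {
+    if ( -1 === $action )
+        _doing_it_wrong( __FUNCTION__, __( 'You should specify a nonce action to be verified by using the first parameter.' ), '3.2.0' );
+
     $nonce = '';
 
@@ -2290,3 +2299,2 @@
 }
 endif;
-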
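Review bot: The new guard at line 1088 of check_admin_referer lets a request continue when no nonce action was given and the Referer merely starts with the admin URL (`-1 === $action && strpos( $referer, $adminurl ) === 0`), in which case the function returns `$result`, which is false on that path, rather than stopping — that legacy branch is weaker than the nonce check and deserves a comment saying so, e.g. `// Callers that pass no action are only referer-checked and still get false back; every other failed verification stops here.` `$referer` and the rest of the function body are outside the hunk, so whether it is lowercased to match `$adminurl` cannot be confirmed from here. The added `if ( -1 === $action )` at 1067 and 1107 are braceless single-statement ifs while the new block at 1088 uses braces; `if ( -1 === $action ) { ... }` would keep the style uniform. The `die()` after `wp_nonce_ays( $action )` is presumably a belt-and-braces stop in case that helper returns, which is fine to keep.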