Make WordPress Core


Ignore:
Timestamp:
06/10/2020 05:44:37 PM (4 years ago)
Author:
desrosj
Message:

Formatting: Ensure that wp_validate_redirect() sanitizes a wider variety of characters.

Merges [47949] to the 5.4 branch.
Props: xknow, vortfu.

Location:
branches/5.4
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • branches/5.4

  • branches/5.4/src/wp-includes/pluggable.php

    r47398 r47955  
    14081408     */
    14091409    function wp_validate_redirect( $location, $default = '' ) {
    1410         $location = trim( $location, " \t\n\r\0\x08\x0B" );
     1410        $location = wp_sanitize_redirect( trim( $location, " \t\n\r\0\x08\x0B" ) );
    14111411        // Browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//'.
    14121412        if ( substr( $location, 0, 2 ) == '//' ) {
Note: See TracChangeset for help on using the changeset viewer.