Changeset 56115
- Timestamp:
- 06/29/2023 11:25:38 PM (19 months ago)
- Location:
- trunk
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/functions.php
r56031 r56115 1977 1977 1978 1978 /** 1979 * Retrieves unvalidated referer from '_wp_http_referer' or HTTP referer. 1979 * Retrieves unvalidated referer from the '_wp_http_referer' URL query variable or the HTTP referer. 1980 * 1981 * If the value of the '_wp_http_referer' URL query variable is not a string then it will be ignored. 1980 1982 * 1981 1983 * Do not use for redirects, use wp_get_referer() instead. … … 1986 1988 */ 1987 1989 function wp_get_raw_referer() { 1988 if ( ! empty( $_REQUEST['_wp_http_referer'] ) ) {1990 if ( ! empty( $_REQUEST['_wp_http_referer'] ) && is_string( $_REQUEST['_wp_http_referer'] ) ) { 1989 1991 return wp_unslash( $_REQUEST['_wp_http_referer'] ); 1990 1992 } elseif ( ! empty( $_SERVER['HTTP_REFERER'] ) ) { -
trunk/tests/phpunit/tests/functions/referer.php
r51568 r56115 157 157 $this->assertSame( 'http://foo.bar/baz', wp_get_raw_referer() ); 158 158 } 159 160 /** 161 * @ticket 57670 162 */ 163 public function test_raw_referer_is_false_on_invalid_request_parameter() { 164 $_REQUEST['_wp_http_referer'] = array( 'demo' ); 165 $this->assertFalse( wp_get_raw_referer() ); 166 } 159 167 }
Note: See TracChangeset
for help on using the changeset viewer.