Make WordPress Core

Changeset 58674


Ignore:
Timestamp:
07/04/2024 09:59:34 PM (5 months ago)
Author:
dmsnell
Message:

Users: Avoid ambiguous password reset URLs for usernames ending in a period.

When WordPress sends out a password-reset or new-user email, it generates
a link for someone to follow in order to take them to the reset page. If
the user login name ends in a period, however, that generated URL will
end in a period and many email clients will confuse it with a
sentence-ending period instead of being part of the query arguments.

In this patch, the generated URL's query argument are rearranged so that
the link will never end in a period. Alternative ideas were explored to
create a new function to escape URL-ending periods, but this patch resolves
the reported problem without raising any further architectural questions.

Developed in https://github.com/WordPress/wordpress-develop/pull/6834
Discussed in https://core.trac.wordpress.org/ticket/42957

Props audrasjb, costdev, daveagp, dmsnell, hellofromTonya, markparnell, mukesh27, nhrrob, obrienlabs, paulcline.
Fixes #42957.

Location:
trunk/src/wp-includes
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/pluggable.php

    r58653 r58674  
    22252225        $message  = sprintf( __( 'Username: %s' ), $user->user_login ) . "\r\n\r\n";
    22262226        $message .= __( 'To set your password, visit the following address:' ) . "\r\n\r\n";
    2227         $message .= network_site_url( "wp-login.php?action=rp&key=$key&login=" . rawurlencode( $user->user_login ), 'login' ) . "\r\n\r\n";
     2227
     2228        /*
     2229         * Since some user login names end in a period, this could produce ambiguous URLs that
     2230         * end in a period. To avoid the ambiguity, ensure that the login is not the last query
     2231         * arg in the URL. If moving it to the end, a trailing period will need to be escaped.
     2232         *
     2233         * @see https://core.trac.wordpress.org/tickets/42957
     2234         */
     2235        $message .= network_site_url( 'wp-login.php?login=' . rawurlencode( $user->user_login ) . "&key=$key&action=rp", 'login' ) . "\r\n\r\n";
    22282236
    22292237        $message .= wp_login_url() . "\r\n";
  • trunk/src/wp-includes/user.php

    r58589 r58674  
    32203220    $message .= __( 'If this was a mistake, ignore this email and nothing will happen.' ) . "\r\n\r\n";
    32213221    $message .= __( 'To reset your password, visit the following address:' ) . "\r\n\r\n";
    3222     $message .= network_site_url( "wp-login.php?action=rp&key=$key&login=" . rawurlencode( $user_login ), 'login' ) . '&wp_lang=' . $locale . "\r\n\r\n";
     3222
     3223    /*
     3224     * Since some user login names end in a period, this could produce ambiguous URLs that
     3225     * end in a period. To avoid the ambiguity, ensure that the login is not the last query
     3226     * arg in the URL. If moving it to the end, a trailing period will need to be escaped.
     3227     *
     3228     * @see https://core.trac.wordpress.org/tickets/42957
     3229     */
     3230    $message .= network_site_url( 'wp-login.php?login=' . rawurlencode( $user_login ) . "&key=$key&action=rp", 'login' ) . '&wp_lang=' . $locale . "\r\n\r\n";
    32233231
    32243232    if ( ! is_user_logged_in() ) {
Note: See TracChangeset for help on using the changeset viewer.