Context Navigation

pluggable.php

Timestamp:

08/30/2007 05:46:09 PM (19 years ago)

Author:

markjaquith

Message:

Better %0d/%0a sanitization for wp_redirect() from hakre. fixes #4819 for trunk

File:

-                      r5986
+                      r5990
     $location = wp_kses_no_null($location);
+    // remove %0d and %0a from location
     $strip = array('%0d', '%0a');
+    $location = str_replace($strip, '', $location);
+    $found = true;
+    while($found) {
+        $found = false;
+        foreach($strip as $val) {
+            while(strpos($location, $val) !== false) {
+                $found = true;
+                $location = str_replace($val, '', $location);
+            }
+        }
+    }
     if ( $is_IIS ) {

Note: See TracChangeset for help on using the changeset viewer.