WordPress.org

Make WordPress Core

Opened 6 years ago

Closed 5 years ago

#17243 closed defect (bug) (fixed)

wp_login_form: default for redirect leads to 404 on site in sub-folders

Reported by: esmi Owned by: nacin
Milestone: 3.3 Priority: normal
Severity: normal Version: 3.0
Component: Template Keywords: has-patch
Focuses: Cc:

Description

When using wp_login_form in a site in a sub-folder (eg. /wordpress), the default redirect parameter (site_url( $_SERVERREQUEST_URI? )) causes the redirect to duplicate the sub-folder in the url eg: http://example.com/wordpress/wordpress/

Replicated on 3.1.1 and 3.2 bleeding on 2 separate servers.

Attachments (1)

17243.diff (714 bytes) - added by kawauso 6 years ago.
$_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']

Download all attachments as: .zip

Change History (8)

@kawauso
6 years ago

$_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']

#1 @kawauso
6 years ago

  • Keywords has-patch added

#2 @kawauso
5 years ago

  • Component changed from General to Template
  • Version set to 3.0

#3 @ZaneMatthew
5 years ago

  • Cc zanematthew@… added

#4 @SergeyBiryukov
5 years ago

  • Milestone changed from Awaiting Review to 3.3

#5 @nacin
5 years ago

<input type="hidden" name="redirect_to" value="' . esc_attr( $args['redirect'] ) . '" />

Thinking that should be esc_url().

Or, if it should remain esc_attr() (and I don't think it should), then this patch should esc_url_raw() what we build from $_SERVER.

#6 @nacin
5 years ago

In [19032]:

Fix the current page default redirect in wp_login_form(). props kawauso, see #17243.

#7 @nacin
5 years ago

  • Owner set to nacin
  • Resolution set to fixed
  • Status changed from new to closed

In [19033]:

Use esc_url() rather than esc_attr() on a redirect-to URL. fixes #17243.

Note: See TracTickets for help on using tickets.