Make WordPress Core

Opened 5 years ago

Closed 4 years ago

#17243 closed defect (bug) (fixed)

wp_login_form: default for redirect leads to 404 on site in sub-folders

Reported by: esmi Owned by: nacin
Milestone: 3.3 Priority: normal
Severity: normal Version: 3.0
Component: Template Keywords: has-patch
Focuses: Cc:


When using wp_login_form in a site in a sub-folder (eg. /wordpress), the default redirect parameter (site_url( $_SERVERREQUEST_URI? )) causes the redirect to duplicate the sub-folder in the url eg: http://example.com/wordpress/wordpress/

Replicated on 3.1.1 and 3.2 bleeding on 2 separate servers.

Attachments (1)

17243.diff (714 bytes) - added by kawauso 5 years ago.

Download all attachments as: .zip

Change History (8)

5 years ago


#1 @kawauso
5 years ago

  • Keywords has-patch added

#2 @kawauso
4 years ago

  • Component changed from General to Template
  • Version set to 3.0

#3 @ZaneMatthew
4 years ago

  • Cc zanematthew@… added

#4 @SergeyBiryukov
4 years ago

  • Milestone changed from Awaiting Review to 3.3

#5 @nacin
4 years ago

<input type="hidden" name="redirect_to" value="' . esc_attr( $args['redirect'] ) . '" />

Thinking that should be esc_url().

Or, if it should remain esc_attr() (and I don't think it should), then this patch should esc_url_raw() what we build from $_SERVER.

#6 @nacin
4 years ago

In [19032]:

Fix the current page default redirect in wp_login_form(). props kawauso, see #17243.

#7 @nacin
4 years ago

  • Owner set to nacin
  • Resolution set to fixed
  • Status changed from new to closed

In [19033]:

Use esc_url() rather than esc_attr() on a redirect-to URL. fixes #17243.

Note: See TracTickets for help on using tickets.