Make WordPress Core

Opened 4 years ago

Closed 4 years ago

#17243 closed defect (bug) (fixed)

wp_login_form: default for redirect leads to 404 on site in sub-folders

Reported by: esmi Owned by: nacin
Milestone: 3.3 Priority: normal
Severity: normal Version: 3.0
Component: Template Keywords: has-patch
Focuses: Cc:


When using wp_login_form in a site in a sub-folder (eg. /wordpress), the default redirect parameter (site_url( $_SERVERREQUEST_URI? )) causes the redirect to duplicate the sub-folder in the url eg: http://example.com/wordpress/wordpress/

Replicated on 3.1.1 and 3.2 bleeding on 2 separate servers.

Attachments (1)

17243.diff (714 bytes) - added by kawauso 4 years ago.

Download all attachments as: .zip

Change History (8)

@kawauso4 years ago


comment:1 @kawauso4 years ago

  • Keywords has-patch added

comment:2 @kawauso4 years ago

  • Component changed from General to Template
  • Version set to 3.0

comment:3 @ZaneMatthew4 years ago

  • Cc zanematthew@… added

comment:4 @SergeyBiryukov4 years ago

  • Milestone changed from Awaiting Review to 3.3

comment:5 @nacin4 years ago

<input type="hidden" name="redirect_to" value="' . esc_attr( $args['redirect'] ) . '" />

Thinking that should be esc_url().

Or, if it should remain esc_attr() (and I don't think it should), then this patch should esc_url_raw() what we build from $_SERVER.

comment:6 @nacin4 years ago

In [19032]:

Fix the current page default redirect in wp_login_form(). props kawauso, see #17243.

comment:7 @nacin4 years ago

  • Owner set to nacin
  • Resolution set to fixed
  • Status changed from new to closed

In [19033]:

Use esc_url() rather than esc_attr() on a redirect-to URL. fixes #17243.

Note: See TracTickets for help on using tickets.