wp_get_referer() doesn't return false when the referer URL is the same as the current URL
|Reported by:||garyc40||Owned by:||swissspidy|
|Component:||Bootstrap/Load||Keywords:||has-patch has-unit-tests commit|
Inside wp_get_referer(), there's this conditional statement:
if ( $ref && $ref !== $_SERVER['REQUEST_URI'] )
It is there to ensure that wp_get_referer() doesn't return the same page I'm on. This is useful when redirecting because I can detect and avoid infinite redirection.
According to PHP documentation, $_SERVER['REQUEST_URI'] is only the URI on the host. As a result, the conditional statement above fails in this case:
Let's say I was redirected from http://example.com/sample-uri to itself (either by clicking a link or a form submission). Then:
$ref = 'http://example.com/sample-uri'; $_SERVER['REQUEST_URI'] = '/sample-uri';
So technically, the referrer is the same page, but wp_get_referer() doesn't return false as expected, because $ref !== $_SERVER['REQUEST_URI'].
A better conditional statement would be:
if ( $ref && parse_url( $ref, PHP_URL_PATH ) !== $_SERVER['REQUEST_URI'] )
I'm using PHP 5.3.6, Apache 2.2.20.
Change History (22)
- Component changed from General to Bootstrap/Load
- Keywords needs-patch needs-unit-tests added; has-patch removed
- Keywords needs-unit-tests removed
- Milestone changed from 3.9 to Future Release
9 months ago
- Keywords has-patch has-unit-tests added; needs-patch needs-unit-tests removed
- Milestone changed from Future Release to 4.5