Support IDNA(Internationalized Domain Names for Applications, RFC 5890 and 5891)

[extendwings]

If WordPress is installed on IDN(Internationalized Domain Name) environment, we couldn't login to WordPress dashboard easily.

Reproduce

I set up the site to reproduce.

1. Visit ​http://idnテスト.みんな/wp-login.php
2. Enter the following information and login.
3. You may redirected to ​http://idn./wp-admin

• User: wporg-test
• Password: NQhA@*c&

This account for test will expired next month automatically.

Cause

wp_sanitize_redirect() calls preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!*]|i', '', $location), this works in most cases.
But if user entered IDN at wp-admin/options-general.php without converting to Punycode, UTF-8(precisely, non-ASCII) characters will be removed by preg_replace.
Ex) ​http://idnテスト.みんな/ -> ​http://idn./

Solution

Convert URL to Punycode before sanitizing. I chose PEAR Net_IDNA2, licensed under LGPL.

[extendwings]

Remove debug lines

[knutsp]

This would be a nice enhancement.

Install: Enter IDN, save punycode. This is the most important feature.
Settings General: Enter IDN, save punycode, show IDN on display.

[SergeyBiryukov]

If WordPress is installed on IDN(Internationalized Domain Name) environment, we couldn't login to WordPress dashboard easily.

Generally, home and siteurl options are correctly populated in wp_guess_url() during installation. As you noted, the issue happens if the user manually changes them to non-Punycode values later.

This is a duplicate of #10690 and #19279. Could you please add you patch to #10690?