Opened 8 years ago
Closed 12 days ago
#37670 closed defect (bug) (maybelater)
wp_validate_redirect fails when running WordPress on a port
Reported by: | raptor235 | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 4.5.3 |
Component: | Security | Keywords: | reporter-feedback |
Focuses: | Cc: |
Description (last modified by )
$allowed_hosts is checking againts host value the parsed host value doesn't contain the port number and $wpp does. Thereror hosts aren't matched and wp_validate_redirect fails.
$lp = @parse_url($test);
equals
array (size=4) 'scheme' => string 'http' (length=4) 'host' => string 'localhost' (length=9) 'port' => int 3002 'path' => string '/project/xactly-com/insights/' (length=29)
where
$wpp = parse_url(home_url());
equals
array (size=2) 'scheme' => string 'http' (length=4) 'host' => string 'localhost:3002' (length=23)
will result in
if (isset($lp['host']) && (!in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host']))) {
failing
The server is running on a local proxy.
Change History (4)
#2
in reply to:
↑ description
@
8 years ago
- Keywords reporter-feedback added
#4
@
6 years ago
- Resolution set to maybelater
Switching from wontfix
to maybelater
, since that's more accurate.
xref: https://make.wordpress.org/core/2019/01/14/follow-up-on-recent-trac-bulk-edit/
Note: See
TracTickets for help on using
tickets.
Replying to raptor235:
Hi @raptor235 and welcome back to Trac :)
Can you do some extra debugging around this line and let us know the exact inputs and versions of PHP which you're running?
PHP specifically specifically separates out the port, in all versions of PHP when using the input
http://localhost:3002
.