Infinite redirection loop on accessing wp-admin/user/

[Butuzov]

Infinite redirection loop on accessing wp-admin/user/

I am having a highly customized WP Multisite Network Installation and different kinds of limited users. Today I got report about person that stuck in Infinite Redirection Loop while trying to access to URL https://domain.com/cms/wp-admin/user/

After future research, I stuck into a problem in wp-admin/user/admin.php on line 29.

wp_redirect( user_admin_url() );

Based on the logic of this it's going and redirecting the user back to the same spot. And here we got a problem.

Is it a copy/paste that end up in release code unchecked?

---
Affected User:

Has limited capabilities (can be listed on request)

How that Happened?:

Password Retrieved, Login Process, Infinite Redirection Loop.

Version: 4.8.1

Custom Multisite Install: (With Subdomains and sub directories installs same time).

Previously installed: 4.6.1

[Butuzov]

patch

[Butuzov]

P.S.
Not sure is patch in the correct format. Installation is located in cms/ directory and I have removed that part of the patch file, however, there are two hashes and I am not sure is it really matters.

[SergeyBiryukov]

Introduced in [15746], modified in [17668].

Since this is a first report in 7 years, it looks like there's a plugin doing something wrong with the redirect_user_admin_request filter.

[SergeyBiryukov]

Could not reproduce the issue on a clean install. When visiting wp-admin/user/ on one of the sites in a network, the code properly redirects to the main network site.

[Butuzov]

I will try to reproduce it myself on clean install as soon as I will have time, and compare all settings while it happening.

both filters not used not used in my system, however, it's possible that I am unluckily stuck into the combination of different factors.

[danieltj]

I tried this on a clean install and didn't get a redirect loop. A third party is causing this error for sure.

[Butuzov]

Thank you so much for testing of what I called "a bug". I also have a chance to test all of my assumptions in "clean install test". I was able to reproduce "bug" (in quotes because now I am not sure this is a bug at all after test case...).

Steps to repeat "bug":

1) Create cms directory in server root.
2) Create wp-config.php (or copy) with default install values (DB_* constants and AUTH salts contacts).
3) Move WordPress code into cms directory.
4) Proceed to install. At this step, we have a normal WordPress install in the custom directory.
5) Change Site Adress URL in Settings->General->Site Address (URL) to point to server home directory (​https://example.org), while WP Adress will point to ​https://example.org/cms/

7) Prepare to Multidomain install. Add WP_ALLOW_MULTISITE to wp-config.php and setup wildcard domain .

define('WP_ALLOW_MULTISITE', true);

8) Open Tools->Network Setup and Pick "Sub-domains", then proceed to "Install".
9) Copy Contants to wp-config.php (except PATH_CURRENT_SITE and SUBDOMAIN_INSTALL)

Now I am able to log example.org/cms/wp-admin and use example.org. But because $current_blog->path isn't same as $current_site->path (1st is '/' and 2nd one is '/cms/'), it's impossible to use user admin and network admin without infinite redirection loop. I still struggling to understand a meaning of redirection to network_admin_url() and user_admin_url() in (network|user)/admin.php but I guess, it's my messed up settings brought a problem I am describing.

notes:

1) None of .htaccess contents isn't copied, so we can't disclose wp-admin directory to attackers (ones that trying to break-in backend using dictionaries ).

2) Defining PATH_CURRENT_SITE to '/' require also rewrite rules, from note 1

3) Constants PATH_CURRENT_SITE and SUBDOMAIN_INSTALL are defined in wp-config later based on requested domain (some of the websites are allowed to be installed in "sub-directories")

I am really sorry for your wasted time and hope never repeat myself on "false bug reporting" again. In anycase thank you for your time.