Make WordPress Core

Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#41834 closed defect (bug) (invalid)

wp_redirect issue with HTTPS and when $redirect_to is more than one directory deep

Reported by: joneslloyd
Owned by:
Milestone:
Priority: normal
Severity: normal
Version: 4.8.1
Component: General
Keywords: needs-testing
Focuses: administration
Cc:

Description

Below is a simplified version of my code, which produces the error:

<?php
/**
 * Redirect users after login
 */
add_filter('login_redirect', function ($redirect_to, $request, $user) {
    if (isset($user->roles) && is_array($user->roles)) {
        if (! empty($redirect_to)) {
            wp_redirect($redirect_to);
        } elseif (in_array('administrator', $user->roles)) {
            wp_redirect(admin_url());
        } else {
            // get_default_page_id() is the reporter's own helper, not a WordPress function.
            wp_redirect(get_the_permalink(get_default_page_id('dashboard')));
        }

        exit;
    }

    // Filter callbacks must return a value for the cases they do not handle.
    return $redirect_to;
}, 10, 3);

As per the code above, if $redirect_to is not empty, users are redirected to that URL.

I've found that when running a site on HTTPS, an issue arises when $redirect_to's value contains more than one directory / level.

For example, when I want to redirect to https://mysite.com/dashboard/, the redirect occurs correctly (and the value of $redirect_to is https://mysite.com/dashboard/, as expected).

However, when I try to redirect to https://mysite.com/modules/module-0/, the value of $redirect_to is actually https:/mysite.com/modules/module-0/ -- Notice the second / after the colon is removed.

This (I believe) then causes WordPress to strip out the broken https:/ when wp_sanitize_redirect is called inside of the wp_redirect function, and the resultant redirect that actually occurs in the web browser is https://mysite.com/mysite.com/modules/module-0/ (which is a 404 error).

Change History (5)

#1 @johnbillion
7 years ago

  • Focuses template performance removed
  • Keywords reporter-feedback needs-testing added

Thanks for the report @joneslloyd, and welcome to WordPress Trac.

Are you able to reproduce the issue with all your plugins deactivated, and with one of the default themes (such as Twenty Seventeen) enabled?

#2 @joneslloyd
7 years ago

Hey @johnbillion, thanks!

Just trying to reproduce in said environment now.

Just to check: Should the URL in the address bar (in the redirect_to parameter) be URL encoded? Currently mine are not, which I'm thinking could be (part of) the issue?

#3 @johnbillion
7 years ago

Yeah any URL in the redirect_to parameter should be URL encoded.

#4 @joneslloyd
7 years ago

  • Resolution set to invalid
  • Status changed from new to closed

Apologies, this was a case of user error. I didn't rawurlencode the data for the query parameter.

#5 @johnbillion
7 years ago

  • Keywords reporter-feedback removed
  • Milestone Awaiting Review deleted

No problem. Thanks for the update!
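The two points the thread settles, as an added example that is not code from the ticket or from WordPress core: the redirect_to value must be rawurlencode'd when it is placed in the query string (wp_login_url() does this for you), and a login_redirect callback should return the destination rather than calling wp_redirect() itself, so that wp-login.php passes it through wp_safe_redirect() and its allowed_redirect_hosts check. The destination URL is constructed, and home_url('/dashboard/') stands in for the reporter's site-specific helper.

```php
<?php
// Constructed destination, more than one directory deep as in the ticket.
$destination = 'https://mysite.com/modules/module-0/';

// Unencoded, the raw "https://" is embedded in the query string and is exposed
// to slash normalisation on the way to PHP; encoded, every "/" survives intact.
$bad_login  = 'https://mysite.com/wp-login.php?redirect_to=' . $destination;
$good_login = 'https://mysite.com/wp-login.php?redirect_to=' . rawurlencode($destination);
// Inside WordPress the encoded form is what wp_login_url() produces:
//   $good_login = wp_login_url( $destination );

add_filter('login_redirect', function ($redirect_to, $requested, $user) {
    // On a failed login $user is a WP_Error, not a WP_User: leave the value untouched.
    if (is_wp_error($user) || empty($user->roles) || ! is_array($user->roles)) {
        return $redirect_to;
    }

    if (! empty($redirect_to)) {
        // Returning the URL (instead of wp_redirect() + exit) lets wp-login.php
        // send it through wp_safe_redirect(), which rejects hosts that are not in
        // the allowed_redirect_hosts list, so a user-supplied value cannot be
        // turned into an off-site redirect.
        return $redirect_to;
    }

    if (in_array('administrator', $user->roles, true)) {
        return admin_url();
    }

    // Assumption: stand-in for the reporter's get_default_page_id('dashboard') helper.
    return home_url('/dashboard/');
}, 10, 3);
```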
