Opened 7 years ago
Closed 6 years ago
#43745 closed defect (bug) (fixed)
(Yet another ;-) Redirect loop with encoded query keys
Reported by: | wrwrwr0 | Owned by: | pento |
---|---|---|---|
Milestone: | 5.2 | Priority: | normal |
Severity: | minor | Version: | 5.1 |
Component: | Canonical | Keywords: | has-patch has-unit-tests |
Focuses: | Cc: |
Description
Some live examples:
https://news.microsoft.com/?%C2%A2
https://newsroom.fb.com/?%C2%A2
https://www.thewaltdisneycompany.com/?%C2%A2
(At the time of writing these show "page isn't redirecting properly" / "redirected you too many times" notice.)
To reproduce on a fresh install set some permalink structure and put a static page on front, for convenience:
wp rewrite structure '/%year%/%monthnum%/%postname%/'
wp option update show_on_front page
wp option update page_on_front 2
Observe a 301 with the location exactly matching the request:
curl -I http://test.local/?%C2%A2
(Query with any character in a key matching the first regex in
wp_sanitize_redirect().)
redirect_canonical() is hooked by default to template_redirect
. Under some circumstances $redirect_url
can be set to more or less the same as $requested_url
in the somewhat lengthy "is 404" conditional. The code that readds additional query args, around line 360 of the function, uses rawurlencode_deep(), which leaves keys unencoded. In consequence, $requested_url
and $redirect_url
around line 490 may differ only in query encoding. Further, wp_sanitize_request()
, applied after the chained redirects check, reencodes some multibyte characters.
Attachments (1)
Change History (11)
#1
@
7 years ago
- Keywords has-patch has-unit-tests added
Welcome to Trac!
Thanks for your detailed explanation and the steps to reproduce.
43745.diff contains a fix and a test.
#2
@
7 years ago
- Milestone changed from Awaiting Review to 5.0
- Owner set to SergeyBiryukov
- Status changed from new to reviewing
This ticket was mentioned in Slack in #core by audrasjb. View the logs.
6 years ago
#7
@
6 years ago
- Milestone changed from 5.0.3 to 5.1
Hi,
Per today's bug scrub, let's address this ticket in the next major, 5.1, scheduled in February.
#8
@
6 years ago
- Milestone changed from 5.1 to 5.2
Bumping to 5.2, as this needs review, testing, and soak time.
fix + tests