#5114 closed enhancement (fixed)
wp_safe_redirect() case sensitive for hostnames
Reported by: | BoltClock | Owned by: | |
---|---|---|---|
Milestone: | 2.3.1 | Priority: | normal |
Severity: | normal | Version: | 2.3 |
Component: | General | Keywords: | has-patch needs-testing |
Focuses: | Cc: |
Description
For instance, when I enter a post password, no matter whether it was correct, I get redirected to my wp-admin folder instead of the form's page. I had set my hostname to contain uppercase letters as an experiment.
Exploring the source code made it apparent that the check in wp_safe_redirect() is case sensitive, i.e. hostname http://www.EXAMPLE.com does not match http://www.example.com.
Attachments (3)
Change History (13)
#7
@
17 years ago
- Milestone changed from 2.4 to 2.3.1
- Resolution fixed deleted
- Status changed from closed to reopened
This ticket was mentioned in Slack in #mobile by suhankoh. View the logs.
7 years ago
Note: See
TracTickets for help on using
tickets.
5114.2.diff adds a strtolower()'d version of the host into the allowed_hosts array. So you can match by being lowercase or by matching exactly. Milestone of 2.4 before 2.3.1