Make WordPress Core

Opened 7 years ago

Closed 7 years ago

#9817 closed defect (bug) (fixed)

wp_login_url() doesn't urlencode() the redirect value

Reported by: Viper007Bond Owned by:
Milestone: 2.8 Priority: normal
Severity: normal Version: 2.8
Component: General Keywords: has-patch needs-testing
Focuses: Cc:


To reproduce:

  1. Log out of your dev blog.
  2. Visit http://yoursite.com/wp-admin/index.php?foo=bar&test=ing&word=press.
  3. You will be redirected to http://yoursite.com/wp-login.php?redirect_to=http://yoursite.com/wp-admin/index.php?foo=bar&test=ing&word=press.
  4. After logging in, you will end up at http://yoursite.com/wp-admin/index.php?foo=bar due to the lack of URL encoding in the redirect_to value.

Attached patch urlencode()'s the value so that the redirect works properly.

Attachments (1)

9817.patch (535 bytes) - added by Viper007Bond 7 years ago.

Download all attachments as: .zip

Change History (4)

7 years ago

#1 @Viper007Bond
7 years ago

Hmm, perhaps add_query_arg() should urlencode() instead...

#2 @ryan
7 years ago

  • Milestone changed from Unassigned to 2.8

#3 @ryan
7 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [11328]) urlencode login redirect. Props Viper007Bond. fixes #9817

Note: See TracTickets for help on using tickets.