hardening: sanitize session/referrer-based redirect targets in threshold flows

## Summary
Several threshold flow redirects reuse session/referrer URLs directly in `header('Location: ...')` without sanitization.

## Locations
- `thold.php` (`autocreate`, `disable`, `enable` flows)
- `thold_templates.php` save flow (`graph_return` path)
- `thold_webapi.php` graph-return redirect

## Risk
If session/referrer values are tampered or unexpectedly external, redirect behavior can be unsafe or inconsistent.

## Expected
Pass dynamic return URLs through the same sanitization utility already used elsewhere in the plugin (e.g., `sanitize_uri()`), with safe fallback targets when empty/invalid.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

hardening: sanitize session/referrer-based redirect targets in threshold flows #758

Summary

Locations

Risk

Expected

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

hardening: sanitize session/referrer-based redirect targets in threshold flows #758

Description

Summary

Locations

Risk

Expected

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions