
Always wp_unslash() the return of wp_get_referer().

see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
1 parent f23bcb8 commit 09d2c65970c6f5ecadeda603e7b4fd816f2ddd67 Ryan Boren committed
Showing with 4 additions and 4 deletions.
  1. +1 −1 wp-admin/edit-form-advanced.php
  2. +1 −1 wp-admin/upgrade.php
  3. +1 −1 wp-admin/user-edit.php
  4. +1 −1 wp-includes/functions.php
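--- a/wp-admin/edit-form-advanced.php
+++ b/wp-admin/edit-form-advanced.php
@@ -314,7 +314,7 @@
 <input type="hidden" id="post_author" name="post_author" value="<?php echo esc_attr( $post->post_author ); ?>" />
 <input type="hidden" id="post_type" name="post_type" value="<?php echo esc_attr( $post_type ) ?>" />
 <input type="hidden" id="original_post_status" name="original_post_status" value="<?php echo esc_attr( $post->post_status) ?>" />
-<input type="hidden" id="referredby" name="referredby" value="<?php echo esc_url(wp_unslash(wp_get_referer())); ?>" />
+<input type="hidden" id="referredby" name="referredby" value="<?php echo esc_url(wp_get_referer()); ?>" />
 <?php if ( ! empty( $active_post_lock ) ) { ?>
 <input type="hidden" id="active_post_lock" value="<?php echo esc_attr( implode( ':', $active_post_lock ) ); ?>" />
 <?php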
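Review bot: The `referredby` hidden field on the new line round-trips a client-supplied Referer header back through the form, and `esc_url()` only makes it safe to print inside the attribute; it does not restrict the URL to this site. Whatever reads `referredby` on submit is outside this hunk, so I cannot confirm how it is consumed, but if it ever becomes a redirect target it should go through `wp_validate_redirect()` or `wp_safe_redirect()` rather than being used as-is. `wp_get_referer()` can also return `false`, which `esc_url()` turns into an empty attribute, so the consumer must tolerate an empty value.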
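--- a/wp-admin/upgrade.php
+++ b/wp-admin/upgrade.php
@@ -77,7 +77,7 @@
 <?php else :
 switch ( $step ) :
 case 0:
- $goback = wp_unslash( wp_get_referer() );
+ $goback = wp_get_referer();
 $goback = esc_url_raw( $goback );
 $goback = urlencode( $goback );
 ?>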
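Review bot: `$goback` on the changed line is built from a client-controlled Referer, and the `esc_url_raw()` on the following line only normalises the URL's scheme and characters; it does not confine it to this install. The encoded value is presumably placed into a query argument that a later step links or redirects to (that consumer is outside this hunk), so it should be passed through `wp_validate_redirect( $goback, admin_url() )` before `urlencode()` so an off-site Referer cannot steer the post-upgrade link. `wp_get_referer()` also returns `false` when there is no usable Referer, which currently degrades silently to an empty string; that is acceptable only if the consumer handles an empty value. The `switch` continues outside the hunk.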
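--- a/wp-admin/user-edit.php
+++ b/wp-admin/user-edit.php
@@ -54,7 +54,7 @@
 '<p>' . __('<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>') . '</p>'
 );
-$wp_http_referer = remove_query_arg(array('update', 'delete_count'), stripslashes($wp_http_referer));
+$wp_http_referer = remove_query_arg(array('update', 'delete_count'), $wp_http_referer );
 $user_can_edit = current_user_can( 'edit_posts' ) || current_user_can( 'edit_pages' );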
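Review bot: Dropping `stripslashes()` on the changed line is only correct if `$wp_http_referer` is already unslashed where it is assigned, and that assignment is outside this hunk; unlike the other three files this value does not come from `wp_get_referer()`, so the commit title does not cover it. Please confirm the source applies `wp_unslash()` (e.g. `$wp_http_referer = wp_unslash( $_REQUEST['wp_http_referer'] );`), otherwise escaped quotes survive into the URL that `remove_query_arg()` returns. Since this looks like a request-supplied URL reused as a back link, it should also be validated with `wp_validate_redirect()` before it is used as a redirect target.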
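--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -1283,7 +1283,7 @@ function wp_get_referer() {
 $ref = $_SERVER['HTTP_REFERER'];
 if ( $ref && $ref !== $_SERVER['REQUEST_URI'] )
- return $ref;
+ return wp_unslash( $ref );
 return false;
 }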
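Review bot: The function's docblock sits above the hunk and should now state that the value is returned through `wp_unslash()`, e.g. `@return string|false Unslashed referer URL, or false if none is set or it equals the current REQUEST_URI.`, so callers stop layering their own `wp_unslash()`/`stripslashes()` on top. The `!==` comparison on the line before the change still runs on the slashed `$ref` against `$_SERVER['REQUEST_URI']`, which is consistent only if both are slashed alike; a one-line comment such as `// Compare before unslashing: both $_SERVER values carry the same slashing.` would save the next reader the question. The returned value remains a client-controlled header and must not be used as a redirect target without `wp_validate_redirect()`. The `$_SERVER['HTTP_REFERER']` read without an `isset()` guard is unchanged context, not part of this change.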
