Skip to content
Browse files

More robust wp_safe_redirect(). Introducing wp_sanitize_redirect() fo…

…r use in wp_redirect() and wp_safe_redirect(). fixes #4606

git-svn-id: http://svn.automattic.com/wordpress/trunk@6134 1a063a9b-81f0-0310-95a4-ce76da25c4cd
  • Loading branch information...
1 parent deb7701 commit 3c89a5c5d7b90b65bd9a7adbf65810c6715d0b3e markjaquith committed Sep 19, 2007
Showing with 32 additions and 15 deletions.
  1. +32 −15 wp-includes/pluggable.php
View
47 wp-includes/pluggable.php
@@ -373,6 +373,24 @@ function wp_redirect($location, $status = 302) {
if ( !$location ) // allows the wp_redirect filter to cancel a redirect
return false;
+ $location = wp_sanitize_redirect($location);
+
+ if ( $is_IIS ) {
+ header("Refresh: 0;url=$location");
+ } else {
+ if ( php_sapi_name() != 'cgi-fcgi' )
+ status_header($status); // This causes problems on IIS and some FastCGI setups
+ header("Location: $location");
+ }
+}
+endif;
+
+if ( !function_exists('wp_sanitize_redirect') ) :
+/**
+ * sanitizes a URL for use in a redirect
+ * @return string redirect-sanitized URL
+ **/
+function wp_sanitize_redirect($location) {
$location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%]|i', '', $location);
$location = wp_kses_no_null($location);
@@ -388,14 +406,7 @@ function wp_redirect($location, $status = 302) {
}
}
}
-
- if ( $is_IIS ) {
- header("Refresh: 0;url=$location");
- } else {
- if ( php_sapi_name() != 'cgi-fcgi' )
- status_header($status); // This causes problems on IIS and some FastCGI setups
- header("Location: $location");
- }
+ return $location;
}
endif;
@@ -405,13 +416,19 @@ function wp_redirect($location, $status = 302) {
* @return void
**/
function wp_safe_redirect($location, $status = 302) {
- if ( $location{0} == '/' ) {
- if ( $location{1} == '/' )
- $location = get_option('home') . '/';
- } else {
- if ( substr($location, 0, strlen(get_option('home'))) != get_option('home') )
- $location = get_option('home') . '/';
- }
+
+ // Need to look at the URL the way it will end up in wp_redirect()
+ $location = wp_sanitize_redirect($location);
+
+ // browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//'
+ if ( substr($location, 0, 2) == '//' )
+ $location = 'http:' . $location;
+
+ $lp = parse_url($location);
+ $wpp = parse_url(get_option('home'));
+
+ if ( isset($lp['host']) && $lp['host'] != $wpp['host'] )
+ $location = get_option('siteurl') . '/wp-admin/';
wp_redirect($location, $status);
}

0 comments on commit 3c89a5c

Please sign in to comment.
Something went wrong with that request. Please try again.