Skip to content

Commit 6ef777e

Browse files
committed
Formatting: Ensure that wp_validate_redirect() sanitizes a wider variety of characters.
Merges [47949] to the 5.4 branch. Props: xknow, vortfu. git-svn-id: https://develop.svn.wordpress.org/branches/5.4@47955 602fd350-edb4-49c9-b593-d223f7449a82
1 parent 0977c0d commit 6ef777e

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

Diff for: src/wp-includes/pluggable.php

+1-1
Original file line numberDiff line numberDiff line change
@@ -1407,7 +1407,7 @@ function wp_safe_redirect( $location, $status = 302, $x_redirect_by = 'WordPress
14071407
* @return string redirect-sanitized URL
14081408
*/
14091409
function wp_validate_redirect( $location, $default = '' ) {
1410-
$location = trim( $location, " \t\n\r\0\x08\x0B" );
1410+
$location = wp_sanitize_redirect( trim( $location, " \t\n\r\0\x08\x0B" ) );
14111411
// Browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//'.
14121412
if ( substr( $location, 0, 2 ) == '//' ) {
14131413
$location = 'http:' . $location;

0 commit comments

Comments
 (0)