wp_kses_no_null() redirect location for extra protection.
git-svn-id: http://svn.automattic.com/wordpress/trunk@3992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
7c65645c62
commit
6a2bf58f78
|
@ -261,6 +261,7 @@ function wp_redirect($location) {
|
|||
global $is_IIS;
|
||||
|
||||
$location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%]|i', '', $location);
|
||||
$location = wp_kses_no_null($location);
|
||||
|
||||
$strip = array('%0d', '%0a');
|
||||
$location = str_replace($strip, '', $location);
|
||||
|
|
Loading…
Reference in New Issue