Improve URL validation in `wp_validate_redirect()`.
Merges [45971] to the 4.3 branch. Props vortfu, whyisjake, peterwilsoncc. Built from https://develop.svn.wordpress.org/branches/4.3@45982 git-svn-id: http://core.svn.wordpress.org/branches/4.3@45793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
3bdd96e940
commit
96c871a4f9
|
@ -1319,6 +1319,14 @@ function wp_validate_redirect($location, $default = '') {
|
|||
if ( isset($lp['scheme']) && !('http' == $lp['scheme'] || 'https' == $lp['scheme']) )
|
||||
return $default;
|
||||
|
||||
if ( ! isset( $lp['host'] ) && ! empty( $lp['path'] ) && '/' !== $lp['path'][0] ) {
|
||||
$path = '';
|
||||
if ( ! empty( $_SERVER['REQUEST_URI'] ) ) {
|
||||
$path = dirname( parse_url( 'http://placeholder' . $_SERVER['REQUEST_URI'], PHP_URL_PATH ) . '?' );
|
||||
}
|
||||
$location = '/' . ltrim( $path . '/', '/' ) . $location;
|
||||
}
|
||||
|
||||
// Reject if certain components are set but host is not. This catches urls like https:host.com for which parse_url does not set the host field.
|
||||
if ( ! isset( $lp['host'] ) && ( isset( $lp['scheme'] ) || isset( $lp['user'] ) || isset( $lp['pass'] ) || isset( $lp['port'] ) ) ) {
|
||||
return $default;
|
||||
|
|
Loading…
Reference in New Issue