From f25f33c4baa73425f5738de868c73b3b3af72af2 Mon Sep 17 00:00:00 2001 From: markjaquith Date: Wed, 19 Sep 2007 04:14:53 +0000 Subject: [PATCH] Put a filter in wp_safe_redirect() so people can whitelist other domains. see #4606 git-svn-id: http://svn.automattic.com/wordpress/trunk@6136 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/pluggable.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php index 20cb678472..97be01b4a4 100644 --- a/wp-includes/pluggable.php +++ b/wp-includes/pluggable.php @@ -427,7 +427,9 @@ function wp_safe_redirect($location, $status = 302) { $lp = parse_url($location); $wpp = parse_url(get_option('home')); - if ( isset($lp['host']) && $lp['host'] != $wpp['host'] ) + $allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host'])); + + if ( isset($lp['host']) && !in_array($lp['host'], $allowed_hosts) ) $location = get_option('siteurl') . '/wp-admin/'; wp_redirect($location, $status);