[wp-trac] [WordPress Trac] #8593: HTTP_HOST being manipulated improperly for redirects
WordPress Trac
wp-trac at lists.automattic.com
Tue Mar 22 14:49:42 UTC 2011
#8593: HTTP_HOST being manipulated improperly for redirects
--------------------------+-----------------------------
Reporter: revmj | Owner: markjaquith
Type: defect (bug) | Status: new
Priority: normal | Milestone: Future Release
Component: Canonical | Version:
Severity: normal | Resolution:
Keywords: has-patch |
--------------------------+-----------------------------
Comment (by hakre):
I've done some testing with this. 'HTTP_PORT' is not set as far as I can
see on multiple setups and 'HTTP_HOST' conains the port number in case
it's not the standard port of the protocol.
So actually HTTP_HOST is to look into.
Patch introduces a new function called wp_requested_url() which is of
general use to retrieve the requested URI or URL.
It does so by dealing with default http(s) ports as well so removing them
in case they are not needed.
Additionally, it's possible to to switch the requested URL into a SSL or
non SSL variant by making use of an optional parameter.
It might even make sense to make it filter-able so that specific
server/cache/proxy setups can deal with the requested URL if they need to
do so.
Related: #16884
--
Ticket URL: <http://core.trac.wordpress.org/ticket/8593#comment:12>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list