[wp-trac] [WordPress Trac] #20060: wp_redirect() doesn't exit

WordPress Trac wp-trac at lists.automattic.com
Wed Feb 22 21:31:08 UTC 2012


#20060: wp_redirect() doesn't exit
--------------------------------------+------------------------------
 Reporter:  iandunn                   |       Owner:
     Type:  enhancement               |      Status:  new
 Priority:  normal                    |   Milestone:  Awaiting Review
Component:  Security                  |     Version:
 Severity:  normal                    |  Resolution:
 Keywords:  needs-patch dev-feedback  |
--------------------------------------+------------------------------

Comment (by iandunn):

 hakre, I think the API should exit after redirecting for the same reason
 the API sanitizes input before storing it in the database. Sure, I could
 do that myself, but it's extra work, and many developers aren't willing or
 able to do it themselves. Things like this are one of the main advantages
 of having an API in the first place.

 I also think that a large percentage of the developers who are aware of
 the exit issue just assume that the API is already doing it for them,
 which was my situation. I was very surprised to stumble upon this. If I'd
 known from the start that the API wasn't doing it I would have done it
 manually, but now I'm wondering how many of my past projects have a
 potential bug.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/20060#comment:9>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list