[wp-hackers] Bug in wp_sanitize_redirect() on IIS ???

Callum Macdonald lists.automattic.com at callum-macdonald.com
Wed Sep 26 14:44:55 GMT 2007


G'day,

I haven't experienced this personally, but some users of my WP Mail 
SMTP[1] plugin have reported that the Options page redirection doesn't 
work properly under IIS. It seems to work fine on LAMP.

After clicking "Update Options" the options page redirects to this url:
wp-admin/options-general.php?page=wp-mail-smtp2Fwp_mail_smtp.php&updated=true

It seems the % is being stripped from the / in the URL. The correct url is:
wp-admin/options-general.php?page=wp-mail-smtp%2Fwp_mail_smtp.php&updated=true

It seems that this is being stripped out in the 
wp_sanitize_redirect()[2] function. I can't figure out why it's being 
re-introduced under Apache though. As far as I can tell the code strips 
out the % but doesn't add it back anywhere before redirecting.

Anyone got any ideas?

Cheers - Callum.

[1] http://wordpress.org/extend/plugins/wp-mail-smtp/
[2] http://trac.wordpress.org/browser/trunk/wp-includes/pluggable.php#L400



More information about the wp-hackers mailing list