[wp-trac] [WordPress Trac] #7270: tilde character encoded by
mod_proxy creates a redirect loop on login
WordPress Trac
wp-trac at lists.automattic.com
Wed Jul 9 15:55:49 GMT 2008
#7270: tilde character encoded by mod_proxy creates a redirect loop on login
----------------------------+-----------------------------------------------
Reporter: hopson | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.7
Component: Administration | Version:
Severity: normal | Keywords:
----------------------------+-----------------------------------------------
When unix user accounts are frontended by Apache+mod_proxy, the tilde
character (~) is encoded as %7E. RFC 2396 states that it does not need to
be encoded, and Apache 2.3 has fixed this:
http://svn.apache.org/repos/asf/httpd/httpd/trunk/CHANGES
In wp-includes/pluggable.php, function auth_redirect (line 612 in
wordpress 2.5.1):
{{{
wp_redirect(get_option('siteurl') . '/wp-login.php?redirect_to=' .
urlencode($_SERVER['REQUEST_URI']));
}}}
creates a redirect loop, because REQUEST_URI already contains the decoded
%7E, so it is double-encoded, and then fails the path check (against
wp_settings('home'); I believe).
The attached patch (for Wordpress 2.5.1) adds a call to urldecode() before
urlencode(), to turn the %7E back into tilde.
--
Ticket URL: <http://trac.wordpress.org/ticket/7270>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list