[wp-trac] Re: [WordPress Trac] #10226: Sanitization bypass in clean_url and wp_sanitise redirect

WordPress Trac wp-trac at lists.automattic.com
Sat Jun 20 17:42:27 GMT 2009


#10226: Sanitization bypass in clean_url and wp_sanitise redirect
--------------------------+-------------------------------------------------
 Reporter:  westi         |        Owner:  westi 
     Type:  defect (bug)  |       Status:  closed
 Priority:  normal        |    Milestone:  2.8.1 
Component:  Security      |      Version:  2.8   
 Severity:  normal        |   Resolution:  fixed 
 Keywords:                |  
--------------------------+-------------------------------------------------
Changes (by westi):

  * status:  new => closed
  * resolution:  => fixed


Comment:

 (In [11615]) Introduce _deep_replace() and use it to improve the stripping
 of percent encoded values from urls. Fixes #10226 for trunk.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/10226#comment:1>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list