[wp-trac] [WordPress Trac] #18936: Site Themes Administration Screen doesn't work properly with referers disabled
WordPress Trac
wp-trac at lists.automattic.com
Thu Oct 13 22:03:46 UTC 2011
#18936: Site Themes Administration Screen doesn't work properly with referers
disabled
----------------------------+-----------------------------
Reporter: Viper007Bond | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version: 3.3
Severity: normal | Keywords: has-patch
----------------------------+-----------------------------
Disable sending a referer header, then visit `/wp-admin/network/site-
themes.php?id=XXXXXX` and enable a theme. You get redirected to `site-
themes.php?enabled=1` because no referer is passed in the hyperlink and
one isn't sent by the browser.
Solution is to either include the referer in each (dis|en)able link or to
have the `$referer` used in the `wp_redirect()` always add in the ID to
the URL.
I opted for the second.
There are probably other places where this happens too -- where we rely
too much on the referer to construct the redirect URL and provide the
required arguments.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/18936>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list