[wp-trac] [WordPress Trac] #17052: wp_sanitize_redirect() removes square brackets from URL
WordPress Trac
noreply at wordpress.org
Thu Feb 20 00:11:47 UTC 2014
#17052: wp_sanitize_redirect() removes square brackets from URL
-------------------------------------+-----------------------------
Reporter: bluntelk | Owner:
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: Future Release
Component: Formatting | Version: 3.1
Severity: minor | Resolution:
Keywords: has-patch needs-refresh | Focuses:
-------------------------------------+-----------------------------
Comment (by gcorne):
Allowing square brackets is also important when dealing with IPv6 literals
(see [http://www.ietf.org/rfc/rfc2732.txt RFC2732]). The patch
[attachment:17052-02.patch 17052-02.patch] adds a couple unit tests in
addition to adding [ and ] to the whitelist of allowed characters.
I am not sure that we want to "@" as part of this same patch, but "@" is a
reserved character so I think it is appropriate for it to be allowed.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/17052#comment:10>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list