[wp-trac] [WordPress Trac] #18818: wp_sanitize_redirect() kills "@" in URL's
WordPress Trac
noreply at wordpress.org
Sat Aug 22 17:04:19 UTC 2015
#18818: wp_sanitize_redirect() kills "@" in URL's
-----------------------------+------------------------------
Reporter: theandystratton | Owner: theandystratton
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 4.4
Component: Formatting | Version: 3.2.1
Severity: normal | Resolution: fixed
Keywords: has-patch | Focuses:
-----------------------------+------------------------------
Changes (by wonderboymusic):
* status: reopened => closed
* resolution: => fixed
Comment:
In [changeset:"33707"]:
{{{
#!CommitTicketReference repository="" revision="33707"
In `wp_sanitize_redirect()`, don't eat `@` characters. According to RFC
3986, "@" is a perfectly valid character in a URL path or query string.
Adds unit test.
Props markjaquith.
Fixes #18818.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/18818#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list