[wp-trac] [WordPress Trac] #37670: wp_validate_redirect fails when running WordPress on a port
WordPress Trac
noreply at wordpress.org
Mon Aug 15 15:19:36 UTC 2016
#37670: wp_validate_redirect fails when running WordPress on a port
--------------------------+-----------------------------
Reporter: raptor235 | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: 4.5.3
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
$allowed_hosts is checking againts host value the parsed host value
doesn't contain the port number and $wpp does. Thereror hosts aren't
matched and wp_validate_redirect fails.
$lp = @parse_url($test);
equals
array (size=4)
'scheme' => string 'http' (length=4)
'host' => string 'localhost' (length=9)
'port' => int 3002
'path' => string '/project/xactly-com/insights/' (length=29)
where
$wpp = parse_url(home_url());
equals
array (size=2)
'scheme' => string 'http' (length=4)
'host' => string 'localhost:3002' (length=23)
will result in
if (isset($lp['host']) && (!in_array($lp['host'], $allowed_hosts) &&
$lp['host'] != strtolower($wpp['host']))) {
failing
The server is running on a local proxy.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/37670>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list