[wp-trac] [WordPress Trac] #36827: Regular expression in wp_guess_url() is slightly too permissive.
WordPress Trac
noreply at wordpress.org
Mon Jun 13 19:15:43 UTC 2016
#36827: Regular expression in wp_guess_url() is slightly too permissive.
----------------------------------------+------------------
Reporter: cfinke | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 4.6
Component: General | Version: 3.4
Severity: normal | Resolution:
Keywords: has-patch needs-unit-tests | Focuses:
----------------------------------------+------------------
Comment (by jdgrimes):
If you try to access a site that hasn't been installed yet using
`http://example.com/wp-login.php?redirect_to=/somewhere`, you will be
shown the error page saying that the site is not installed yet. But the
"Create wp-config.php" button won't work, because `wp_guess_url()` doesn't
strip the query string from the URL. The link URL will be wrong, because
`wp-load.php` just does this:
{{{#!php
$path = wp_guess_url() . '/wp-admin/setup-config.php';
}}}
Resulting in `http://example.com/?redirect_to=/somewhere/wp-admin/setup-
config.php`
--
Ticket URL: <https://core.trac.wordpress.org/ticket/36827#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list