[wp-trac] [WordPress Trac] #36827: Regular expression in wp_guess_url() is slightly too permissive.
WordPress Trac
noreply at wordpress.org
Thu May 12 22:56:25 UTC 2016
#36827: Regular expression in wp_guess_url() is slightly too permissive.
--------------------------+-----------------------------
Reporter: cfinke | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: trunk
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
In `wp_guess_url()`, there is a regular expression that is supposed to
replace `wp-admin/*` or `wp-login.php` in a URL:
`$path = preg_replace( '#/(wp-admin/.*|wp-login.php)#i', '',
$_SERVER['REQUEST_URI'] );`
However, the dot in `wp-login.php` is not escaped, so the replacement will
also run when any character is in that position, not just a period. The
enclosing `if ()` statement makes this exceedingly unlikely to happen, but
the dot should be escaped regardless.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/36827>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
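
Added example, not part of the ticket or of WordPress core: the pattern quoted in the ticket run beside the same pattern with the dot escaped, over constructed `REQUEST_URI` values. The helper names `strip_admin_path()` and `diverging_uris()` are hypothetical, and the enclosing `if ()` the ticket mentions is not modelled here.

```php
<?php
// Pattern exactly as quoted in the ticket: the dot in "wp-login.php" is
// unescaped, so it matches any single character in that position.
const PATTERN_REPORTED = '#/(wp-admin/.*|wp-login.php)#i';

// Same pattern with the dot escaped, as the ticket suggests.
const PATTERN_ESCAPED = '#/(wp-admin/.*|wp-login\.php)#i';

// Hypothetical helper: applies the replacement the same way the quoted line does.
function strip_admin_path( string $pattern, string $request_uri ): string {
    return preg_replace( $pattern, '', $request_uri );
}

// Hypothetical helper: returns the URIs for which the two patterns disagree.
function diverging_uris( array $uris ): array {
    $diverging = array();
    foreach ( $uris as $uri ) {
        $reported = strip_admin_path( PATTERN_REPORTED, $uri );
        $escaped  = strip_admin_path( PATTERN_ESCAPED, $uri );
        if ( $reported !== $escaped ) {
            $diverging[ $uri ] = array(
                'reported' => $reported,
                'escaped'  => $escaped,
            );
        }
    }
    return $diverging;
}

// Constructed sample values standing in for $_SERVER['REQUEST_URI'].
$samples = array(
    '/blog/wp-login.php',          // intended match
    '/blog/wp-admin/options.php',  // intended match
    '/blog/WP-LOGIN.PHP',          // intended match (pattern is case-insensitive)
    '/blog/wp-loginXphp',          // matches only because the dot is unescaped
    '/blog/wp-login-php',          // matches only because the dot is unescaped
);

foreach ( diverging_uris( $samples ) as $uri => $result ) {
    printf(
        "%s\n  reported pattern -> %s\n  escaped pattern  -> %s\n",
        $uri,
        var_export( $result['reported'], true ),
        var_export( $result['escaped'], true )
    );
}
```

Only the last two sample URIs diverge: the reported pattern strips them to `/blog`, while the escaped pattern leaves them unchanged.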