[wp-trac] [WordPress Trac] #47980: New wp_validate_redirect() removes domain in some circumstances.
WordPress Trac
noreply at wordpress.org
Mon Oct 14 01:56:06 UTC 2019
#47980: New wp_validate_redirect() removes domain in some circumstances.
--------------------------+-----------------------------
Reporter: rconde | Owner: SergeyBiryukov
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: 5.2.4
Component: General | Version: 5.2.3
Severity: critical | Resolution:
Keywords: has-patch | Focuses:
--------------------------+-----------------------------
Comment (by SergeyBiryukov):
Replying to [comment:21 peterwilsoncc]:
> In [attachment:"47980.diff"]
>
> * switched to using `wp_normalize_path()` before left trimming the URL.
This ensures the `dirname()` output is converted to `/` throughout and
keeps path normalization DRY
> * Added some unit tests for validating redirects without hostnames
Looks correct, though the tests appear to pass for me on Windows 10 both
before and after the patch.
I could not yet reproduce the original issue either, so it looks like not
all Windows configurations are affected. It would be helpful to know the
Windows version on the affected installs, the server software, and whether
the login URLs were customized in some way.
I'll see if I can come up with tests that fail before the patch and pass
after.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47980#comment:22>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list