[wp-trac] [WordPress Trac] #47980: New wp_validate_redirect() removes domain in some circumstances.
WordPress Trac
noreply at wordpress.org
Mon Oct 14 08:38:52 UTC 2019
#47980: New wp_validate_redirect() removes domain in some circumstances.
--------------------------+-----------------------------
Reporter: rconde | Owner: SergeyBiryukov
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: 5.2.4
Component: General | Version: 5.2.3
Severity: critical | Resolution:
Keywords: has-patch | Focuses:
--------------------------+-----------------------------
Comment (by rconde):
I'm the OP of this ticket to give you some insight.
I'm on Windows 10 pro.
Download XAMPP for windows, clean install of xampp, then clean install of
WP. Nothing customized. That's all.
I've just tested with and without the patch just in case a Windows hotfix
fixed this, and not: Without the patch the original issue persists.
Replying to [comment:22 SergeyBiryukov]:
> Replying to [comment:21 peterwilsoncc]:
> > In [attachment:"47980.diff"]
> >
> > * switched to using `wp_normalize_path()` before left trimming the
URL. This ensures the `dirname()` output is converted to `/` throughout
and keeps path normalization DRY
> > * Added some unit tests for validating redirects without hostnames
>
> Looks correct, though the tests appear to pass for me on Windows 10 both
before and after the patch.
>
> I could not yet reproduce the original issue either, so it looks like
not all Windows configurations are affected. It would be helpful to know
the Windows version on the affected installs, the server software, and
whether the login URLs were customized in some way.
>
> I'll see if I can come up with tests that fail before the patch and pass
after.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47980#comment:23>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list