From 36a9be2af5ce166388eecd98d450f87e973bf74d Mon Sep 17 00:00:00 2001 From: Scott Taylor Date: Sat, 22 Aug 2015 17:04:17 +0000 Subject: [PATCH] In `wp_sanitize_redirect()`, don't eat `@` characters. According to RFC 3986, "@" is a perfectly valid character in a URL path or query string. Adds unit test. Props markjaquith. Fixes #18818. git-svn-id: https://develop.svn.wordpress.org/trunk@33707 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/pluggable.php | 2 +- tests/phpunit/tests/formatting/redirect.php | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/src/wp-includes/pluggable.php b/src/wp-includes/pluggable.php index 57be023165..f3247d96f2 100644 --- a/src/wp-includes/pluggable.php +++ b/src/wp-includes/pluggable.php @@ -1232,7 +1232,7 @@ function wp_sanitize_redirect($location) { ){1,40} # ...one or more times )/x'; $location = preg_replace_callback( $regex, '_wp_sanitize_utf8_in_redirect', $location ); - $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!*\[\]()]|i', '', $location); + $location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!*\[\]()@]|i', '', $location); $location = wp_kses_no_null($location); // remove %0d and %0a from location diff --git a/tests/phpunit/tests/formatting/redirect.php b/tests/phpunit/tests/formatting/redirect.php index 54fb873e45..1a89a613de 100644 --- a/tests/phpunit/tests/formatting/redirect.php +++ b/tests/phpunit/tests/formatting/redirect.php @@ -18,5 +18,6 @@ class Tests_Formatting_Redirect extends WP_UnitTestCase { $this->assertEquals('http://example.com/whyisthisintheurl/?param[1]=foo', wp_sanitize_redirect('http://example.com/whyisthisintheurl/?param[1]=foo')); $this->assertEquals('http://[2606:2800:220:6d:26bf:1447:aa7]/', wp_sanitize_redirect('http://[2606:2800:220:6d:26bf:1447:aa7]/')); $this->assertEquals('http://example.com/search.php?search=(amistillhere)', wp_sanitize_redirect('http://example.com/search.php?search=(amistillhere)')); + $this->assertEquals('http://example.com/@username', wp_sanitize_redirect('http://example.com/@username')); } }