From 38a684816970508a8b7896fff8b26e7a194e074e Mon Sep 17 00:00:00 2001 From: Mark Jaquith Date: Wed, 19 Sep 2007 04:14:53 +0000 Subject: [PATCH] Put a filter in wp_safe_redirect() so people can whitelist other domains. see #4606 git-svn-id: https://develop.svn.wordpress.org/trunk@6136 602fd350-edb4-49c9-b593-d223f7449a82 --- wp-includes/pluggable.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php index 20cb678472..97be01b4a4 100644 --- a/wp-includes/pluggable.php +++ b/wp-includes/pluggable.php @@ -427,7 +427,9 @@ function wp_safe_redirect($location, $status = 302) { $lp = parse_url($location); $wpp = parse_url(get_option('home')); - if ( isset($lp['host']) && $lp['host'] != $wpp['host'] ) + $allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host'])); + + if ( isset($lp['host']) && !in_array($lp['host'], $allowed_hosts) ) $location = get_option('siteurl') . '/wp-admin/'; wp_redirect($location, $status);