sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Consider both home and site domains to be valid in `wp_validate_redirect()`. 

Props layotte.
Fixes #34028.


git-svn-id: https://develop.svn.wordpress.org/trunk@35792 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Aaron D. Campbell 2015-12-06 21:16:12 +00:00
parent 53430a7343
commit 57408e271a
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/wp-includes/pluggable.php
View File

@ -1348,6 +1348,7 @@ function wp_validate_redirect($location, $default = '') {
return $default;
$wpp = parse_url(home_url());
$site = parse_url( site_url() );
/**
* Filter the whitelist of hosts to redirect to.
@ -1357,9 +1358,9 @@ function wp_validate_redirect($location, $default = '') {
* @param array $hosts An array of allowed hosts.
* @param bool|string $host The parsed host; empty if not isset.
*/
$allowed_hosts = (array) apply_filters( 'allowed_redirect_hosts', array($wpp['host']), isset($lp['host']) ? $lp['host'] : '' );
$allowed_hosts = (array) apply_filters( 'allowed_redirect_hosts', array( $wpp['host'], $site['host'] ), isset( $lp['host'] ) ? $lp['host'] : '' );
if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) )
if ( isset($lp['host']) && ( ! in_array( $lp['host'], $allowed_hosts ) && ( $lp['host'] != strtolower( $wpp['host'] ) || $lp['host'] != strtolower( $site['host'] ) ) ) )
$location = $default;
return $location;
@ -2480,4 +2481,3 @@ function wp_text_diff( $left_string, $right_string, $args = null ) {
return $r;
}
endif;