From e8f286242108447cc64650763262dd37232f666b Mon Sep 17 00:00:00 2001
From: Scott Taylor <wonderboymusic@git.wordpress.org>
Date: Sat, 28 Jun 2014 02:12:19 +0000
Subject: [PATCH] Perform a canonical redirect for posts that are published but
 are visited at a `?p=123&preview=true` URL.

Props amit, joostdevalk.
Fixes #20496.


git-svn-id: https://develop.svn.wordpress.org/trunk@28874 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-includes/canonical.php | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/wp-includes/canonical.php b/src/wp-includes/canonical.php
index f563792c54..bcc9d4077d 100644
--- a/src/wp-includes/canonical.php
+++ b/src/wp-includes/canonical.php
@@ -39,6 +39,16 @@
 function redirect_canonical( $requested_url = null, $do_redirect = true ) {
 	global $wp_rewrite, $is_IIS, $wp_query, $wpdb;
 
+	// If we're not in wp-admin and the post has been published and preview nonce
+	// is non-existant or invalid then no need for preview in query
+	if ( is_preview() && get_query_var( 'p' ) && 'publish' == get_post_status( get_query_var( 'p' ) ) ) {
+		if ( ! isset( $_GET['preview_id'] )
+			|| ! isset( $_GET['preview_nonce'] )
+			|| ! wp_verify_nonce( $_GET['preview_nonce'], 'post_preview_' . (int) $_GET['preview_id'] ) ) {
+			$wp_query->is_preview = false;
+		}
+	}
+
 	if ( is_trackback() || is_search() || is_comments_popup() || is_admin() || !empty($_POST) || is_preview() || is_robots() || ( $is_IIS && !iis7_supports_permalinks() ) )
 		return;
 
@@ -68,6 +78,11 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
 	if ( !isset($redirect['query']) )
 		$redirect['query'] = '';
 
+	// If its not a preview then remove it from URL
+	if ( ! is_preview() ) {
+		$redirect['query'] = remove_query_arg( 'preview', $redirect['query'] );
+	}
+
 	if ( is_feed() && ( $id = get_query_var( 'p' ) ) ) {
 		if ( $redirect_url = get_post_comments_feed_link( $id, get_query_var( 'feed' ) ) ) {
 			$redirect['query'] = _remove_qs_args_if_not_in_url( $redirect['query'], array( 'p', 'page_id', 'attachment_id', 'pagename', 'name', 'post_type', 'feed'), $redirect_url );