From 14bc2c0a6fde0da04b47130707e01df850eedc7e Mon Sep 17 00:00:00 2001
From: Dominik Schilling <dominikschilling+git@gmail.com>
Date: Tue, 3 Apr 2018 14:32:31 +0000
Subject: [PATCH] Login: Use `wp_safe_redirect()` when redirecting the login
 page if forced to use HTTPS.

Built from https://develop.svn.wordpress.org/trunk@42892


git-svn-id: http://core.svn.wordpress.org/trunk@42722 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/version.php | 2 +-
 wp-login.php            | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/wp-includes/version.php b/wp-includes/version.php
index b54e649f2c..87d92b4eb3 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -4,7 +4,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '5.0-alpha-42891';
+$wp_version = '5.0-alpha-42892';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
diff --git a/wp-login.php b/wp-login.php
index 93d08181ee..e7467cb5b8 100644
--- a/wp-login.php
+++ b/wp-login.php
@@ -14,10 +14,10 @@ require( dirname( __FILE__ ) . '/wp-load.php' );
 // Redirect to https login if forced to use SSL
 if ( force_ssl_admin() && ! is_ssl() ) {
 	if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) {
-		wp_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
+		wp_safe_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
 		exit();
 	} else {
-		wp_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
+		wp_safe_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
 		exit();
 	}
 }