In wp_sanitize_redirect(), don't eat @ characters. According to RFC 3986, "@" is a perfectly valid character in a URL path or query string.

Adds unit test.

Props markjaquith.
Fixes #18818.

Built from https://develop.svn.wordpress.org/trunk@33707


git-svn-id: http://core.svn.wordpress.org/trunk@33674 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Scott Taylor 2015-08-22 17:05:24 +00:00
parent 523b51a359
commit 5510b519f5
2 changed files with 2 additions and 2 deletions

View File

@ -1232,7 +1232,7 @@ function wp_sanitize_redirect($location) {
){1,40} # ...one or more times
)/x';
$location = preg_replace_callback( $regex, '_wp_sanitize_utf8_in_redirect', $location );
$location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!*\[\]()]|i', '', $location);
$location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!*\[\]()@]|i', '', $location);
$location = wp_kses_no_null($location);
// remove %0d and %0a from location

View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.4-alpha-33706';
$wp_version = '4.4-alpha-33707';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.