In wp_sanitize_redirect(), don't eat @ characters. According to RFC 3986, "@" is a perfectly valid character in a URL path or query string.

Adds unit test. Props markjaquith. Fixes #18818. Built from https://develop.svn.wordpress.org/trunk@33707 git-svn-id: http://core.svn.wordpress.org/trunk@33674 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-06-25 06:14:58 +02:00 · 2015-08-22 17:05:24 +00:00 · 2015-08-22 17:05:24 +00:00 · 5510b519f5
commit 5510b519f5
parent 523b51a359
2 changed files with 2 additions and 2 deletions
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@ -1232,7 +1232,7 @@ function wp_sanitize_redirect($location) {
 		){1,40}                              # ...one or more times
 		)/x';
 	$location = preg_replace_callback( $regex, '_wp_sanitize_utf8_in_redirect', $location );
-	$location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!*\[\]()]|i', '', $location);
+	$location = preg_replace('|[^a-z0-9-~+_.?#=&;,/:%!*\[\]()@]|i', '', $location);
 	$location = wp_kses_no_null($location);

 	// remove %0d and %0a from location
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@ -4,7 +4,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '4.4-alpha-33706';
+$wp_version = '4.4-alpha-33707';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.