Consider both home and site domains to be valid in `wp_validate_redirect()`.

Props layotte.
Fixes #34028.

Built from https://develop.svn.wordpress.org/trunk@35792


git-svn-id: http://core.svn.wordpress.org/trunk@35756 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-includes/pluggable.php

@@ -1348,6 +1348,7 @@ function wp_validate_redirect($location, $default = '') {
 		return $default;
 
 	$wpp = parse_url(home_url());
+	$site = parse_url( site_url() );
 
 	/**
 	 * Filter the whitelist of hosts to redirect to.
@@ -1357,9 +1358,9 @@ function wp_validate_redirect($location, $default = '') {
 	 * @param array       $hosts An array of allowed hosts.
 	 * @param bool|string $host  The parsed host; empty if not isset.
 	 */
-	$allowed_hosts = (array) apply_filters( 'allowed_redirect_hosts', array($wpp['host']), isset($lp['host']) ? $lp['host'] : '' );
+	$allowed_hosts = (array) apply_filters( 'allowed_redirect_hosts', array( $wpp['host'], $site['host'] ), isset( $lp['host'] ) ? $lp['host'] : '' );
 
-	if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) )
+	if ( isset($lp['host']) && ( ! in_array( $lp['host'], $allowed_hosts ) && ( $lp['host'] != strtolower( $wpp['host'] ) || $lp['host'] != strtolower( $site['host'] ) ) ) )
 		$location = $default;
 
 	return $location;
@@ -2480,4 +2481,3 @@ function wp_text_diff( $left_string, $right_string, $args = null ) {
 	return $r;
 }
 endif;
-

wp-includes/version.php

@@ -4,7 +4,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '4.5-alpha-35791';
+$wp_version = '4.5-alpha-35792';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.