From 9f477686c86cbe5f95af98a6f368861d24c37014 Mon Sep 17 00:00:00 2001
From: audrasjb
Date: Thu, 6 Mar 2025 15:01:23 +0000
Subject: [PATCH] Customize: Properly escape URLs passed by `url` and `return` parameters.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This changeset replaces `sanitize_text_field()` with `esc_url_raw()` for URLs passed via `url` and `return` query vars.

This fixes an issue where the URL `example.com/หน้าภาษาไทย` would incorrectly return `example.com//` due to improper sanitization when clicking on the Customize button through the admin bar.

Props okvee, yahaly, hellofromTonya, veryard, dilip2615, amin7, swissspidy, audrasjb.
Fixes #61317.

Built from https://develop.svn.wordpress.org/trunk@59945

git-svn-id: http://core.svn.wordpress.org/trunk@59287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-admin/customize.php | 4 ++--
 wp-includes/version.php | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/wp-admin/customize.php b/wp-admin/customize.php
index 957984cb50..fbac0dd242 100644
--- a/wp-admin/customize.php
+++ b/wp-admin/customize.php
@@ -84,8 +84,8 @@ if ( $wp_customize->changeset_post_id() ) {
 }
 }
 
-$url = ! empty( $_REQUEST['url'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['url'] ) ) : '';
-$return = ! empty( $_REQUEST['return'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['return'] ) ) : '';
+$url = ! empty( $_REQUEST['url'] ) ? esc_url_raw( wp_unslash( $_REQUEST['url'] ) ) : '';
+$return = ! empty( $_REQUEST['return'] ) ? esc_url_raw( wp_unslash( $_REQUEST['return'] ) ) : '';
 $autofocus = ! empty( $_REQUEST['autofocus'] ) && is_array( $_REQUEST['autofocus'] ) ? array_map( 'sanitize_text_field', wp_unslash( $_REQUEST['autofocus'] ) ) : array();
 
 
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 13cbe6466f..20fa1e7970 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
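Review bot: The two new `$url` / `$return` lines still pass `$_REQUEST['url']` and `$_REQUEST['return']` to `esc_url_raw()` without a type check, so a request like `customize.php?url[]=x` sends an array through `wp_unslash()` into a function written for strings, which on PHP 8 will presumably abort with a TypeError instead of degrading to `''` as the old `sanitize_text_field()` path did; the `$autofocus` line directly below already guards its input with `is_array()`, so these should guard the other way, e.g. `$url = ! empty( $_REQUEST['url'] ) && is_string( $_REQUEST['url'] ) ? esc_url_raw( wp_unslash( $_REQUEST['url'] ) ) : '';` and likewise for `$return`. Note also that `esc_url_raw()` only enforces an allowed scheme and strips unsafe characters; it is not an origin or redirect-target check, so the open-redirect protection for `return` and the same-site restriction for the `url` preview target still depend on `wp_validate_redirect()` being applied where these values are consumed, which is outside this hunk and worth confirming. The enclosing top-level script continues beyond the hunk.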
@@ -16,7 +16,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '6.8-beta1-59944';
+$wp_version = '6.8-beta1-59945';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.