Use wp_safe_redirect(). No need to allow offsite redirects.

git-svn-id: http://svn.automattic.com/wordpress/trunk@20425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-10 17:21:17 +00:00 · 2012-04-10 17:21:17 +00:00 · ab78931b86
parent b0a975512a
commit ab78931b86
1 changed files with 1 additions and 1 deletions
--- a/wp-comments-post.php
+++ b/wp-comments-post.php
@ -95,5 +95,5 @@ do_action('set_comment_cookies', $comment, $user);
 $location = empty($_POST['redirect_to']) ? get_comment_link($comment_id) : $_POST['redirect_to'] . '#comment-' . $comment_id;
 $location = apply_filters('comment_post_redirect', $location, $comment);

-wp_redirect($location);
+wp_safe_redirect( $location );
 exit;