From d2de590be283510b77b7e6b87d2209ccfe840850 Mon Sep 17 00:00:00 2001
From: markjaquith
Date: Thu, 30 Aug 2007 17:47:35 +0000
Subject: [PATCH] Better %0d/%0a sanitization for wp_redirect() from hakre. fixes #4819 for 2.0.12

git-svn-id: http://svn.automattic.com/wordpress/branches/2.0@5992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/pluggable-functions.php | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/wp-includes/pluggable-functions.php b/wp-includes/pluggable-functions.php
index 24dee30b1e..be4881ca03 100644
--- a/wp-includes/pluggable-functions.php
+++ b/wp-includes/pluggable-functions.php
@@ -261,8 +261,18 @@ function wp_redirect($location, $status = 302) {
 	$location = preg_replace('|[^a-z0-9-~\+_\.\?#=&;,/:%]|i', '', $location);
 
+	// remove %0d and %0a from location
 	$strip = array('%0d', '%0a');
-	$location = str_replace($strip, '', $location);
+	$found = true;
+	while($found) {
+		$found = false;
+		foreach($strip as $val) {
+			while(strpos($location, $val) !== false) {
+				$found = true;
+				$location = str_replace($val, '', $location);
+			}
+		}
+	}
 
 	if ( $is_IIS ) {
 		header("Refresh: 0;url=$location");