[wp-trac] [WordPress Trac] #18936: Site Themes Administration Screen doesn't work properly with referers disabled

WordPress Trac wp-trac at lists.automattic.com
Thu Oct 13 22:03:46 UTC 2011


#18936: Site Themes Administration Screen doesn't work properly with referers
disabled
----------------------------+-----------------------------
 Reporter:  Viper007Bond    |      Owner:
     Type:  defect (bug)    |     Status:  new
 Priority:  normal          |  Milestone:  Awaiting Review
Component:  Administration  |    Version:  3.3
 Severity:  normal          |   Keywords:  has-patch
----------------------------+-----------------------------
 Disable sending a referer header, then visit `/wp-admin/network/site-
 themes.php?id=XXXXXX` and enable a theme. You get redirected to `site-
 themes.php?enabled=1` because no referer is passed in the hyperlink and
 one isn't sent by the browser.

 Solution is to either include the referer in each (dis|en)able link or to
 have the `$referer` used in the `wp_redirect()` always add in the ID to
 the URL.

 I opted for the second.

 There are probably other places where this happens too -- where we rely
 too much on the referer to construct the redirect URL and provide the
 required arguments.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/18936>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list