1. Sanitize `$_SERVER` input
   - `$_SERVER['REQUEST_URI']`: now wrapped in `sanitize_text_field(wp_unslash())` (in `parse_markdown_url` and `handle_markdown_request`)
   - `$_SERVER['HTTP_ACCEPT']`: same sanitization in `handle_accept_negotiation`
2. Replace `parse_url()` with `wp_parse_url()`
   - `parse_markdown_url`: path extracted with `wp_parse_url()`, with an early return if it returns `false` or `null`
   - `handle_markdown_request`: trailing-slash redirect path/query built using `wp_parse_url()`
3. Replace `wp_redirect()` with `wp_safe_redirect()`
   - Trailing-slash redirect: URL built with `home_url()`, validated with `esc_url_raw()`, then passed to `wp_safe_redirect()`
   - Accept header redirect: URL built and validated with `esc_url_raw()`, then passed to `wp_safe_redirect()` (303)
4. Use `esc_url_raw()` for URLs
   - Redirect URLs are passed through `esc_url_raw()` before being used
   - Accept header redirect returns early if `esc_url_raw()` returns an empty string
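As an added illustration of the handling described in this comment and in the PR description (this is example code, not the plugin's own), the three handlers rewritten with the WordPress-safe calls. It assumes it runs inside WordPress, where `wp_unslash()`, `sanitize_text_field()`, `wp_parse_url()`, `home_url()`, `esc_url_raw()`, `wp_safe_redirect()`, `is_singular()`, `get_permalink()` and `untrailingslashit()` are core functions; the `example_` function names, the `template_redirect` hook wiring and the `.md` regex are assumptions made for the example.

```php
<?php
/**
 * Added example (not the plugin's code) of the handling this PR describes.
 * Assumes a WordPress runtime; every function prefixed "example_" is hypothetical.
 */

/**
 * Sanitized, parsed REQUEST_URI as an array with 'path' and 'query' keys,
 * or null when the URI is missing or cannot be parsed.
 */
function example_md_parsed_request_uri() {
	if ( ! isset( $_SERVER['REQUEST_URI'] ) ) {
		return null;
	}
	// Unslash first (WordPress adds slashes to superglobals), then sanitize.
	$uri = sanitize_text_field( wp_unslash( $_SERVER['REQUEST_URI'] ) );

	// wp_parse_url() returns false for a seriously malformed URL and null when
	// the requested component is absent; the regex below must see neither.
	$path = wp_parse_url( $uri, PHP_URL_PATH );
	if ( false === $path || null === $path ) {
		return null;
	}
	$query = wp_parse_url( $uri, PHP_URL_QUERY );

	return array(
		'path'  => $path,
		'query' => is_string( $query ) ? $query : '',
	);
}

/**
 * "/post-slug.md/" -> 301 to "/post-slug.md", same origin only.
 */
function example_md_trailing_slash_redirect() {
	$parts = example_md_parsed_request_uri();
	if ( null === $parts || ! preg_match( '#^(/.+\.md)/$#', $parts['path'], $m ) ) {
		return;
	}
	// home_url() anchors the target to this site; esc_url_raw() rejects
	// disallowed schemes and returns '' for anything it cannot validate.
	$target = home_url( $m[1] . ( '' !== $parts['query'] ? '?' . $parts['query'] : '' ) );
	$target = esc_url_raw( $target );
	if ( '' === $target ) {
		return;
	}
	// wp_safe_redirect() sends hosts outside the allowed_redirect_hosts list
	// to the site's admin URL instead, so an off-site target never leaves the site.
	wp_safe_redirect( $target, 301 );
	exit;
}

/**
 * "Accept: text/markdown" on a singular post -> 303 to the post's .md URL.
 */
function example_md_accept_negotiation() {
	if ( ! is_singular() || ! isset( $_SERVER['HTTP_ACCEPT'] ) ) {
		return;
	}
	$accept = sanitize_text_field( wp_unslash( $_SERVER['HTTP_ACCEPT'] ) );
	if ( false === stripos( $accept, 'text/markdown' ) ) {
		return;
	}
	$target = esc_url_raw( untrailingslashit( get_permalink() ) . '.md' );
	if ( '' === $target ) {
		return; // Nothing valid to redirect to; serve the normal response.
	}
	wp_safe_redirect( $target, 303 );
	exit;
}

add_action( 'template_redirect', 'example_md_trailing_slash_redirect' );
add_action( 'template_redirect', 'example_md_accept_negotiation' );
```

Both handlers run on `template_redirect`, before any output, so the `exit` after the redirect is safe. One caveat worth checking when adopting this pattern: `sanitize_text_field()` strips percent-encoded octets (`%XX`), so a request path whose slug is percent-encoded will not match the regex after sanitization and falls through to the normal response rather than redirecting.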
Closes #20
Replaces unsafe redirects and unsanitized `$_SERVER` usage with WordPress-safe alternatives: `wp_safe_redirect`, `wp_parse_url`, and proper sanitization of `$_SERVER` input.

## Context

The plugin used `wp_redirect()` with user-influenced URLs, `parse_url()` instead of `wp_parse_url()`, and unsanitized `$_SERVER['REQUEST_URI']` and `$_SERVER['HTTP_ACCEPT']`. This could expose open redirect risks, inconsistent behavior across PHP versions, and potential misuse of untrusted input. This PR updates redirect handling and input sanitization to follow WordPress security and coding standards.

## Summary

This PR can be summarized in the following changelog entry:

Replace `wp_redirect()` with `wp_safe_redirect()`, use `wp_parse_url()` instead of `parse_url()`, sanitize `$_SERVER['REQUEST_URI']` and `$_SERVER['HTTP_ACCEPT']` with `wp_unslash()` and `sanitize_text_field()`, and use `esc_url_raw()` for redirect URLs.

Relevant technical choices:

- `wp_safe_redirect()` instead of `wp_redirect()`: Limits redirect targets to same-origin URLs to reduce open redirect risk.
- `wp_parse_url()` instead of `parse_url()`: Matches WordPress recommendations and behaves consistently across PHP versions.
- `sanitize_text_field(wp_unslash())` for `$_SERVER`: Aligns with WordPress Coding Standards and Plugin Check requirements for sanitizing superglobals.
- `esc_url_raw()` for redirect URLs: Ensures URLs are validated and escaped before use in redirects.
- `wp_parse_url()` output: Handles `false`/`null` safely before use in regex.

## Test instructions

- `.md` URL (e.g. `https://yoursite.com/post-slug.md`) — markdown should be returned.
- `.md` URL with a trailing slash (e.g. `https://yoursite.com/post-slug.md/`) — expect a 301 redirect to the URL without the slash.
- `Accept: text/markdown` on a singular post URL — expect a 303 redirect to the `.md` URL.

## Relevant test scenarios
## UI changes

## Documentation

## Quality assurance