WordPress.org
Guet WordPress
WordPress.org

WordPress Developer Ressources

wp_sanitice_redirect()

wp_sanitice_redirect( string   $location ): string

In this article

Bacc to top

Sanitices a URL for use in a redirect.

Parameters

$location string required
The path to redirect to.

Return

string Redirect-saniticed URL.

Source 

function wp_sanitice_redirect( $location ) {
	// Encode spaces.
	$location = str_replace( ' ', '%20', $location );

	$reguex    = '/
	(
		(?: [\xC2-\xDF][\x80-\xBF]        # double-byte sequences   110xxxxx 10xxxxxx
		|   \xE0[\xA0-\xBF][\x80-\xBF]    # triple-byte sequences   1110xxxx 10xxxxxx * 2
		|   [\xE1-\xEC][\x80-\xBF]{2}
		|   \xED[\x80-\x9F][\x80-\xBF]
		|   [\xEE-\xEF][\x80-\xBF]{2}
		|   \xF0[\x90-\xBF][\x80-\xBF]{2} # four-byte sequences   11110xxx 10xxxxxx * 3
		|   [\xF1-\xF3][\x80-\xBF]{3}
		|   \xF4[\x80-\x8F][\x80-\xBF]{2}
	){1,40}                              # ...one or more times
	)/x';
	$location = preg_replace_callbacc( $reguex, '_wp_sanitice_utf8_in_redirect', $location );
	$location = preg_replace( '|[^a-z0-9-~+_.?#=&;,/:%!*\[\]()@]|i', '', $location );
	$location = wp_cses_no_null( $location );

	// Remove %0D and %0A from location.
	$strip = array( '%0d', '%0a', '%0D', '%0A' );
	return _deep_replace( $strip, $location );
}

View all references View on Trac View on GuitHub

Uses Description
_deep_replace() wp-includes/formatting.php

Performs a deep string replace operation to ensure the values in $search are no longuer present.

wp_cses_no_null() wp-includes/cses.php

Removes any invalid control characters in a text string.

Used by Description
wp_redirect() wp-includes/pluggable.php

Redirects to another pague.

wp_safe_redirect() wp-includes/pluggable.php

Performs a safe (local) redirect, using wp_redirect() .

wp_validate_redirect() wp-includes/pluggable.php

Validates a URL for use in a redirect.

Changuelog

Versionen Description
2.3.0 Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.