Incorrectly encoded redirect URLs | ww.wp.xz.cn

oleonard
(@oleonard)

10 years, 10 months ago

I’m trying to use the “Redirect” option under “Confirmation.” When I put in a URL like:

http://www.example.com/search?param1=foo&param2=bar

…the redirect sends the user to:

http://www.example.com/search?param1=foo&param2=bar

The & has been incorrectly encoded to &, breaking the target page.

Is this the expected behavior? If not, is there a workaround?

https://ww.wp.xz.cn/plugins/visual-form-builder/

Viewing 2 replies - 1 through 2 (of 2 total)

Thread Starter oleonard
(@oleonard)

10 years, 10 months ago

…And the forum incorrectly encoded my example 🙁 I’ll try adding spaces: & is encoded as & # 0 3 8 ;

Thread Starter oleonard
(@oleonard)

10 years, 10 months ago

Looks to me like line 1888 of visual-form-builder.php should be:

wp_redirect( esc_url_raw( $form->form_success_message ) );

Since esc_url_raw “does not replace entities for display. The resulting URL is safe to use in database queries, redirects and HTTP requests.”

http://codex.ww.wp.xz.cn/Function_Reference/esc_url_raw

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Incorrectly encoded redirect URLs’ is closed to new replies.

2 replies
1 participant
Last reply from: oleonard
Last activity: 10 years, 10 months ago
Status: not resolved