Changeset 56837
- Timestamp:
- 10/12/2023 12:39:18 PM (10 months ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-admin/includes/user.php
r56599 r56837 639 639 * @since 5.6.0 640 640 * @since 6.2.0 Allow insecure HTTP connections for the local environment. 641 641 642 * 642 643 * @param array $request { … … 652 653 */ 653 654 function wp_is_authorize_application_password_request_valid( $request, $user ) { 654 $error = new WP_Error(); 655 $is_local = 'local' === wp_get_environment_type(); 656 657 if ( ! empty( $request['success_url'] ) ) { 658 $scheme = wp_parse_url( $request['success_url'], PHP_URL_SCHEME ); 659 660 if ( 'http' === $scheme && ! $is_local ) { 655 $error = new WP_Error(); 656 657 if ( isset( $request['success_url'] ) ) { 658 $validated_success_url = wp_is_authorize_application_redirect_url_valid( $request['success_url'] ); 659 if ( is_wp_error( $validated_success_url ) ) { 661 660 $error->add( 662 'invalid_redirect_scheme',663 __( 'The success URL must be served over a secure connection.')661 , 662 ) 664 663 ); 665 664 } 666 665 } 667 666 668 if ( ! empty( $request['reject_url'] ) ) { 669 $scheme = wp_parse_url( $request['reject_url'], PHP_URL_SCHEME ); 670 671 if ( 'http' === $scheme && ! $is_local ) { 667 if ( isset( $request['reject_url'] ) ) { 668 $validated_reject_url = wp_is_authorize_application_redirect_url_valid( $request['reject_url'] ); 669 if ( is_wp_error( $validated_reject_url ) ) { 672 670 $error->add( 673 'invalid_redirect_scheme',674 __( 'The rejection URL must be served over a secure connection.')671 , 672 ) 675 673 ); 676 674 } … … 701 699 return true; 702 700 } 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756
Note: See TracChangeset
for help on using the changeset viewer.