Changeset 56844
- Timestamp:
- 10/12/2023 01:24:56 PM (10 months ago)
- Location:
- branches/6.3
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/6.3
-
branches/6.3/src/wp-admin/includes/user.php
r55988 r56844 637 637 * @since 5.6.0 638 638 * @since 6.2.0 Allow insecure HTTP connections for the local environment. 639 639 640 * 640 641 * @param array $request { … … 650 651 */ 651 652 function wp_is_authorize_application_password_request_valid( $request, $user ) { 652 $error = new WP_Error(); 653 $is_local = 'local' === wp_get_environment_type(); 654 655 if ( ! empty( $request['success_url'] ) ) { 656 $scheme = wp_parse_url( $request['success_url'], PHP_URL_SCHEME ); 657 658 if ( 'http' === $scheme && ! $is_local ) { 653 $error = new WP_Error(); 654 655 if ( isset( $request['success_url'] ) ) { 656 $validated_success_url = wp_is_authorize_application_redirect_url_valid( $request['success_url'] ); 657 if ( is_wp_error( $validated_success_url ) ) { 659 658 $error->add( 660 'invalid_redirect_scheme',661 __( 'The success URL must be served over a secure connection.')659 , 660 ) 662 661 ); 663 662 } 664 663 } 665 664 666 if ( ! empty( $request['reject_url'] ) ) { 667 $scheme = wp_parse_url( $request['reject_url'], PHP_URL_SCHEME ); 668 669 if ( 'http' === $scheme && ! $is_local ) { 665 if ( isset( $request['reject_url'] ) ) { 666 $validated_reject_url = wp_is_authorize_application_redirect_url_valid( $request['reject_url'] ); 667 if ( is_wp_error( $validated_reject_url ) ) { 670 668 $error->add( 671 'invalid_redirect_scheme',672 __( 'The rejection URL must be served over a secure connection.')669 , 670 ) 673 671 ); 674 672 } … … 699 697 return true; 700 698 } 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754
Note: See TracChangeset
for help on using the changeset viewer.