General: Correct path replacement regex in wp_guess_url.

dream-encode · dream-encode · commit 7b9d4cf54a92 · 2022-09-13T19:48:45.000Z
In `wp_guess_url`, the regex to check for wp-login.php in the URL is slightly too permissive, not escaping `.` in "wp-login.php". `.` is a token in regex that matches any character. This change simply escapes the `.` and adds unit test coverage for `wp_guess_url`. Props cfinke, ocean90, jrf, voldemortensen, jdgrimes, curdin, netweb, petitphp, SergeyBiryukov, costdev. Fixes #36827. git-svn-id: https://develop.svn.wordpress.org/trunk@54146 602fd350-edb4-49c9-b593-d223f7449a82
diff --git a/src/wp-includes/functions.php b/src/wp-includes/functions.php
@@ -6033,7 +6033,7 @@ function wp_guess_url() {
 
 		// The request is for the admin.
 		if ( strpos( $_SERVER['REQUEST_URI'], 'wp-admin' ) !== false || strpos( $_SERVER['REQUEST_URI'], 'wp-login.php' ) !== false ) {
-			$path = preg_replace( '#/(wp-admin/.*|wp-login.php)#i', '', $_SERVER['REQUEST_URI'] );
+			$path = preg_replace( '#/(wp-admin/?.*|wp-login\.php.*)#i', '', $_SERVER['REQUEST_URI'] );
 
 			// The request is for a file in ABSPATH.
 		} elseif ( $script_filename_dir . '/' === $abspath_fix ) {
diff --git a/tests/phpunit/tests/functions/wpGuessUrl.php b/tests/phpunit/tests/functions/wpGuessUrl.php
@@ -0,0 +1,38 @@
+<?php
+
+/**
+ * Test wp_guess_url().
+ *
+ * @group functions.php
+ * @covers ::wp_guess_url
+ */
+class Tests_Functions_wpGuessUrl extends WP_UnitTestCase {
+
+	/**
+	 * @ticket 36827
+	 *
+	 * @dataProvider data_guess_url_should_return_site_url
+	 *
+	 * @param string $url The URL to navigate to, relative to `site_url()`.
+	 */
+	public function test_guess_url_should_return_site_url( $url ) {
+		$siteurl = site_url();
+		$this->go_to( site_url( $url ) );
+		$this->assertSame( $siteurl, wp_guess_url() );
+	}
+
+	/**
+	 * Data provider.
+	 *
+	 * @return array
+	 */
+	function data_guess_url_should_return_site_url() {
+		return array(
+			'no trailing slash'                            => array( 'url' => 'wp-admin' ),
+			'trailing slash'                               => array( 'url' => 'wp-admin/' ),
+			'trailing slash, query var'                    => array( 'url' => 'wp-admin/?foo=bar' ),
+			'file extension, no trailing slash'            => array( 'url' => 'wp-login.php' ),
+			'file extension, query var, no trailing slash' => array( 'url' => 'wp-login.php?foo=bar' ),
+		);
+	}
+}
