This problem will hardly be considered by anyone. After all, the number of people who use this function may be relatively small. So what is this function for?
Introduction to wp_safe_direct() function
Function Usage wp_safe_redirect( string $location, int $status = 302, string $x_redirect_by = WordPress ) Performs a safe (local) redirect, using wp_redirect(). Function introduction
Checks whether the $location is using an allowed host, if it has an absolute path. A plugin can therefore set or remove allowed host(s) to or from the list. If the host is not allowed, then the redirect defaults to wp-admin on the siteurl instead. This prevents malicious redirects which redirect to another host, but only used in a few places. Note: wp_safe_redirect() does not exit automatically, and should almost always be followed by a call to exit;: wp_safe_redirect( $url ); exit; Exiting can also be selectively manipulated by using wp_safe_redirect() as a conditional
in conjunction with the ‘wp_redirect’ and ‘wp_redirect_location’ filters:if ( wp_safe_redirect( $url ) ) { exit; }
Parameter introduction $location
(string)
(Required)
The path or URL to redirect to. $status
(int)
(Optional)
HTTP response status code to use. Default 302 (Moved Temporarily). Default value: 302 $x_redirect_by
(string)
(Optional)
The application doing the redirect. Default value: WordPress Return value
(bool) False if the redirect was cancelled, true otherwise.
Through the above introduction, we basically know that this function is used to redirect, but in addition to this function, the wp_redirect() function also has the redirect function. What is the difference between the two?
The following is the wp_safe_direct() source code:
Through the source code, we can see that the function is processed by the wp_validate_redirect() function and finally output through the wp_redirect() function. The key is what the wp_validate_redirect() function does:
Through the source code of this function, we know that this function passes through a filter, and this filter is the key to the realization of this function: allowed_redirect_hosts
A brief introduction to allowed_redirect_hosts:
Introduction to the allowed_redirect_hosts function
Function Usage apply_filters( allowed_redirect_hosts, string[] $hosts, string $host ) Filters the list of allowed hosts to redirect to. Function introduction No data temporarily Parameter introduction $hosts
(string[])
An array of allowed host names. $host
(string)
The host name of the redirect destination; empty string if not set. Return value No data temporarily
The simple understanding is to provide an array. The domain names in these arrays can be considered safe and can be skipped. Otherwise, you can directly jump to the/wp admin interface. This is also One of the biggest differences between wp_redirect() and wp_safe_direct() is that the latter provides a set of safe jump address ranges, while the former ignores them 。
After understanding the allowed_redirect_hosts filter, what we need to do is to combine a security address array provided by ourselves with the array provided by the system and return:
function my_allowed_redirect_hosts( $hosts ) {
$my_hosts = array(
blog.example.com,
codex.example.com,
);
return array_merge( $hosts, $my_hosts );
};
add_filter( allowed_redirect_hosts, my_allowed_redirect_hosts );
The above examples are official and are the most standard function codes. You only need to modify blog. example. com and code. example. com to achieve the goal, and then add them to function. php.
The above is all about this article. If you are interested in it, you can practice it yourself. Copying and pasting can't help you. Understand the principle. Even if you can only get 1%, you will earn money.
