wp_safe_redirect
wp_safe_redirect ( $location, $status = 302, $x_redirect_by = 'WordPress' )
Parameters:- (string) location The path or URL to redirect to.
- (int) status Optional. HTTP response status code to use. Default '302' (Moved Temporarily).
- (string|false) x_redirect_by Optional. The application doing the redirect or false to omit. Default 'WordPress'.
Returns:- (bool) False if the redirect was canceled, true otherwise.
Defined at:Change Log: - Introduced in WordPress: 2.3.0
- Deprecated in WordPress: —
Description
Performs a safe (local) redirect, using wp_redirect().Checks whether the $location is using an allowed host, if it has an absolute
path. A plugin can therefore set or remove allowed host(s) to or from the
list.
If the host is not allowed, then the redirect defaults to wp-admin on the siteurl
instead. This prevents malicious redirects which redirect to another host,
but only used in a few places.
Note: wp_safe_redirect() does not exit automatically, and should almost always be
followed by a call to `exit;`:
wp_safe_redirect( $url );
exit;
Exiting can also be selectively manipulated by using wp_safe_redirect() as a conditional
in conjunction with the {@see 'wp_redirect'} and {@see 'wp_redirect_status'} filters:
if ( wp_safe_redirect( $url ) ) {
exit;
}