Danw33 · April 1, 2019 01:52
diff --git a/mu-plugin-log-wp-redirects.php b/mu-plugin-log-wp-redirects.php
 <?php
 /**
 * Logs calls to wp_safe_redirect and wp_redirect to allow for server-side optimisation of common redirects
 *
 *
 * @wordpress-plugin
 * Plugin Name:       WP Redirect Log
 * Plugin URI:        https://gist.github.com/Danw33/6ad3b423ca2d57ed46a1b21461c13498
 * Description:       Logs calls to wp_redirect and wp_safe_redirect to allow for server-side optimisation of common redirects
 * Version:           1.0.0
 * Author:            Daniel Wilson
 * Author URI:        https://danw.io/
 * License:           GPL-3.0+
 * License URI:       http://www.gnu.org/licenses/gpl-3.0.txt
 */

 /*
  Redirect Log for WordPress (mu-plugin)
  Copyright (C) 2018 - 2019 Daniel Wilson - @Danw33

  This program is free software: you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation, either version 3 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

 if( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly

 if ( ! function_exists( 'wp_safe_redirect' ) ) :
 	/**
 	 * Performs a safe (local) redirect, using wp_redirect().
 	 *
 	 * Checks whether the $location is using an allowed host, if it has an absolute
 	 * path. A plugin can therefore set or remove allowed host(s) to or from the
 	 * list.
 	 *
 	 * If the host is not allowed, then the redirect defaults to wp-admin on the siteurl
 	 * instead. This prevents malicious redirects which redirect to another host,
 	 * but only used in a few places.
 	 *
 	 * Note: wp_safe_redirect() does not exit automatically, and should almost always be
 	 * followed by a call to `exit;`:
 	 *
 	 *     wp_safe_redirect( $url );
 	 *     exit;
 	 *
 	 * Exiting can also be selectively manipulated by using wp_safe_redirect() as a conditional
 	 * in conjunction with the {@see 'wp_redirect'} and {@see 'wp_redirect_location'} filters:
 	 *
 	 *     if ( wp_safe_redirect( $url ) ) {
 	 *         exit;
 	 *     }
 	 *
 	 * @since 2.3.0
 	 * @since 5.1.0 The return value from wp_redirect() is now passed on, and the `$x_redirect_by` parameter was added.
 	 *
 	 * @param string $location      The path or URL to redirect to.
 	 * @param int    $status        Optional. HTTP response status code to use. Default '302' (Moved Temporarily).
 	 * @param string $x_redirect_by Optional. The application doing the redirect. Default 'WordPress'.
 	 * @return bool  $redirect False if the redirect was cancelled, true otherwise.
 	 */
 	function wp_safe_redirect( $location, $status = 302, $x_redirect_by = 'WordPress' ) {

 		// Need to look at the URL the way it will end up in wp_redirect()
 		$location = wp_sanitize_redirect( $location );

 		/**
 		 * Filters the redirect fallback URL for when the provided redirect is not safe (local).
 		 *
 		 * @since 4.3.0
 		 *
 		 * @param string $fallback_url The fallback URL to use by default.
 		 * @param int    $status       The HTTP response status code to use.
 		 */
 		$location = wp_validate_redirect( $location, apply_filters( 'wp_safe_redirect_fallback', admin_url(), $status ) );

 		error_log( 'wp_safe_redirect : ' . $status . ' by ' . $x_redirect_by . ' to location: "' . $location . '".' );

 		return wp_redirect( $location, $status, $x_redirect_by );
 	}
 endif;

 if ( ! function_exists( 'wp_redirect' ) ) :
 	/**
 	 * Redirects to another page.
 	 *
 	 * Note: wp_redirect() does not exit automatically, and should almost always be
 	 * followed by a call to `exit;`:
 	 *
 	 *     wp_redirect( $url );
 	 *     exit;
 	 *
 	 * Exiting can also be selectively manipulated by using wp_redirect() as a conditional
 	 * in conjunction with the {@see 'wp_redirect'} and {@see 'wp_redirect_location'} filters:
 	 *
 	 *     if ( wp_redirect( $url ) ) {
 	 *         exit;
 	 *     }
 	 *
 	 * @since 1.5.1
 	 * @since 5.1.0 The `$x_redirect_by` parameter was added.
 	 *
 	 * @global bool $is_IIS
 	 *
 	 * @param string $location      The path or URL to redirect to.
 	 * @param int    $status        Optional. HTTP response status code to use. Default '302' (Moved Temporarily).
 	 * @param string $x_redirect_by Optional. The application doing the redirect. Default 'WordPress'.
 	 * @return bool False if the redirect was cancelled, true otherwise.
 	 */
 	function wp_redirect( $location, $status = 302, $x_redirect_by = 'WordPress' ) {
 		global $is_IIS;

 		/**
 		 * Filters the redirect location.
 		 *
 		 * @since 2.1.0
 		 *
 		 * @param string $location The path or URL to redirect to.
 		 * @param int    $status   The HTTP response status code to use.
 		 */
 		$location = apply_filters( 'wp_redirect', $location, $status );

 		/**
 		 * Filters the redirect HTTP response status code to use.
 		 *
 		 * @since 2.3.0
 		 *
 		 * @param int    $status   The HTTP response status code to use.
 		 * @param string $location The path or URL to redirect to.
 		 */
 		$status = apply_filters( 'wp_redirect_status', $status, $location );

 		if ( ! $location ) {
 			return false;
 		}

 		$location = wp_sanitize_redirect( $location );

 		if ( ! $is_IIS && PHP_SAPI != 'cgi-fcgi' ) {
 			status_header( $status ); // This causes problems on IIS and some FastCGI setups
 		}

 		/**
 		 * Filters the X-Redirect-By header.
 		 *
 		 * Allows applications to identify themselves when they're doing a redirect.
 		 *
 		 * @since 5.1.0
 		 *
 		 * @param string $x_redirect_by The application doing the redirect.
 		 * @param int    $status        Status code to use.
 		 * @param string $location      The path to redirect to.
 		 */
 		$x_redirect_by = apply_filters( 'x_redirect_by', $x_redirect_by, $status, $location );
 		if ( is_string( $x_redirect_by ) ) {
 			header( "X-Redirect-By: $x_redirect_by" );
 		}

 		error_log( 'wp_redirect : ' . $status . ' by ' . $x_redirect_by . ' to location: "' . $location . '", current location: "' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] . '", referer: "' . ( $_SERVER['HTTP_REFERER'] ?? '' ) . '".');

 		header( "Location: $location", true, $status );

 		return true;
 	}
 endif;
	<?php
	/**
	* Logs calls to wp_safe_redirect and wp_redirect to allow for server-side optimisation of common redirects
	*
	*
	* @wordpress-plugin
	* Plugin Name: WP Redirect Log
	* Plugin URI: https://gist.github.com/Danw33/6ad3b423ca2d57ed46a1b21461c13498
	* Description: Logs calls to wp_redirect and wp_safe_redirect to allow for server-side optimisation of common redirects
	* Version: 1.0.0
	* Author: Daniel Wilson
	* Author URI: https://danw.io/
	* License: GPL-3.0+
	* License URI: http://www.gnu.org/licenses/gpl-3.0.txt
	*/

	/*
	Redirect Log for WordPress (mu-plugin)
	Copyright (C) 2018 - 2019 Daniel Wilson - @Danw33

	This program is free software: you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation, either version 3 of the License, or
	(at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program. If not, see <http://www.gnu.org/licenses/>.
	*/

	if( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly

	if ( ! function_exists( 'wp_safe_redirect' ) ) :
	/**
	* Performs a safe (local) redirect, using wp_redirect().
	*
	* Checks whether the $location is using an allowed host, if it has an absolute
	* path. A plugin can therefore set or remove allowed host(s) to or from the
	* list.
	*
	* If the host is not allowed, then the redirect defaults to wp-admin on the siteurl
	* instead. This prevents malicious redirects which redirect to another host,
	* but only used in a few places.
	*
	* Note: wp_safe_redirect() does not exit automatically, and should almost always be
	* followed by a call to `exit;`:
	*
	* wp_safe_redirect( $url );
	* exit;
	*
	* Exiting can also be selectively manipulated by using wp_safe_redirect() as a conditional
	* in conjunction with the {@see 'wp_redirect'} and {@see 'wp_redirect_location'} filters:
	*
	* if ( wp_safe_redirect( $url ) ) {
	* exit;
	* }
	*
	* @since 2.3.0
	* @since 5.1.0 The return value from wp_redirect() is now passed on, and the `$x_redirect_by` parameter was added.
	*
	* @param string $location The path or URL to redirect to.
	* @param int $status Optional. HTTP response status code to use. Default '302' (Moved Temporarily).
	* @param string $x_redirect_by Optional. The application doing the redirect. Default 'WordPress'.
	* @return bool $redirect False if the redirect was cancelled, true otherwise.
	*/
	function wp_safe_redirect( $location, $status = 302, $x_redirect_by = 'WordPress' ) {

	// Need to look at the URL the way it will end up in wp_redirect()
	$location = wp_sanitize_redirect( $location );

	/**
	* Filters the redirect fallback URL for when the provided redirect is not safe (local).
	*
	* @since 4.3.0
	*
	* @param string $fallback_url The fallback URL to use by default.
	* @param int $status The HTTP response status code to use.
	*/
	$location = wp_validate_redirect( $location, apply_filters( 'wp_safe_redirect_fallback', admin_url(), $status ) );

	error_log( 'wp_safe_redirect : ' . $status . ' by ' . $x_redirect_by . ' to location: "' . $location . '".' );

	return wp_redirect( $location, $status, $x_redirect_by );
	}
	endif;

	if ( ! function_exists( 'wp_redirect' ) ) :
	/**
	* Redirects to another page.
	*
	* Note: wp_redirect() does not exit automatically, and should almost always be
	* followed by a call to `exit;`:
	*
	* wp_redirect( $url );
	* exit;
	*
	* Exiting can also be selectively manipulated by using wp_redirect() as a conditional
	* in conjunction with the {@see 'wp_redirect'} and {@see 'wp_redirect_location'} filters:
	*
	* if ( wp_redirect( $url ) ) {
	* exit;
	* }
	*
	* @since 1.5.1
	* @since 5.1.0 The `$x_redirect_by` parameter was added.
	*
	* @global bool $is_IIS
	*
	* @param string $location The path or URL to redirect to.
	* @param int $status Optional. HTTP response status code to use. Default '302' (Moved Temporarily).
	* @param string $x_redirect_by Optional. The application doing the redirect. Default 'WordPress'.
	* @return bool False if the redirect was cancelled, true otherwise.
	*/
	function wp_redirect( $location, $status = 302, $x_redirect_by = 'WordPress' ) {
	global $is_IIS;

	/**
	* Filters the redirect location.
	*
	* @since 2.1.0
	*
	* @param string $location The path or URL to redirect to.
	* @param int $status The HTTP response status code to use.
	*/
	$location = apply_filters( 'wp_redirect', $location, $status );

	/**
	* Filters the redirect HTTP response status code to use.
	*
	* @since 2.3.0
	*
	* @param int $status The HTTP response status code to use.
	* @param string $location The path or URL to redirect to.
	*/
	$status = apply_filters( 'wp_redirect_status', $status, $location );

	if ( ! $location ) {
	return false;
	}

	$location = wp_sanitize_redirect( $location );

	if ( ! $is_IIS && PHP_SAPI != 'cgi-fcgi' ) {
	status_header( $status ); // This causes problems on IIS and some FastCGI setups
	}

	/**
	* Filters the X-Redirect-By header.
	*
	* Allows applications to identify themselves when they're doing a redirect.
	*
	* @since 5.1.0
	*
	* @param string $x_redirect_by The application doing the redirect.
	* @param int $status Status code to use.
	* @param string $location The path to redirect to.
	*/
	$x_redirect_by = apply_filters( 'x_redirect_by', $x_redirect_by, $status, $location );
	if ( is_string( $x_redirect_by ) ) {
	header( "X-Redirect-By: $x_redirect_by" );
	}

	error_log( 'wp_redirect : ' . $status . ' by ' . $x_redirect_by . ' to location: "' . $location . '", current location: "' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] . '", referer: "' . ( $_SERVER['HTTP_REFERER'] ?? '' ) . '".');

	header( "Location: $location", true, $status );

	return true;
	}
	endif;