why is $_REQUESt[‘redirect_to’] empty?

The redirect_to variable works fine, even as a GET variable, however wp-login.php also uses wp_safe_redirect() for doing the actual redirection, which means that the URL must be on the same website. You can’t redirect to anywhere in the web, just to the same site as the login is located on. This is to prevent some sorts of XSS issues.

Related Posts:

  1. Should a 502 HTTP status code be used if a proxy receives no response at all?
  2. What is the difference between a URI, a URL and a URN?
  3. HTTP Status 504
  4. What is the difference between POST and GET? [duplicate]
  5. Do I need Content-Type: application/octet-stream for file download?
  6. Problem HTTP error 403 in Python 3 Web Scraping
  7. application/x-www-form-urlencoded or multipart/form-data?
  8. Problem HTTP error 403 in Python 3 Web Scraping
  9. application/x-www-form-urlencoded or multipart/form-data?
  10. Is 418 “I’m a teapot” really an HTTP response code?
  11. How to define the basic HTTP authentication using cURL correctly?
  12. How to define the basic HTTP authentication using cURL correctly?
  13. “Cannot GET /” with Connect on Node.js
  14. “CAUTION: provisional headers are shown” in Chrome debugger
  15. What’s the difference between a POST and a PUT HTTP REQUEST?
  16. How do I send a POST request with PHP?
  17. Why is it said that “HTTP is a stateless protocol”?
  18. What’s the difference between using application/csv vs text/csv? [duplicate]
  19. What are all the possible values for HTTP “Content-Type” header?
  20. What is the difference between PUT, POST and PATCH?
  21. What’s the difference between “Request Payload” vs “Form Data” as seen in Chrome dev tools Network tab
  22. Exception in thread “main” java.net.NoRouteToHostException: No route to host
  23. ndroid 8: Cleartext HTTP traffic not permitted
  24. Can PHP cURL retrieve response headers AND body in a single request?
  25. Setting Curl’s Timeout in PHP
  26. How are parameters sent in an HTTP POST request?
  27. Why am I suddenly getting a “Blocked loading mixed active content” issue in Firefox?
  28. wget: unable to resolve host address `http’
  29. Are HTTP headers case-sensitive?
  30. When looking at the differences between X-Auth-Token vs Authorization headers, which is preferred?
  31. WordPress HTTP parameter pollution
  32. Does WordPress send data about your blog to WordPress.org or Automattic?
  33. Hiding WordPress REST API v2 endpoints from public viewing
  34. Does WordPress only support HTTP 1.1?
  35. How do I troubleshoot responses with WP HTTP API?
  36. Is curl required?
  37. The resource was preloaded using link preload but not used within a few seconds
  38. using wp_remote_get to retrieve own url on local host
  39. Using wp-cron in backpress – problems with wp_remote_post, fsockopen error
  40. Running index.php from command line & load balancer health checks
  41. Enable CORS in wordpress
  42. Change port of wordpress
  43. How to get value of custom http header?
  44. Several times request to load plugins when sending one request
  45. Get “HTTP/1.1 406 Not Acceptable” when accesing my website with Delphi Indy Control
  46. WordPress HTTP 500 Error “page isn’t working”
  47. What’s the point in having “www” in a URL?
  48. For what is the “.well-known”-folder?
  49. Human readable format for http headers with tcpdump
  50. How to make wireshark filter POST-requests only?
  51. Image file urls still point to http instead of https
  52. What is the difference between POST and PUT in HTTP?
  53. How to do a PUT request with cURL?
  54. What does HTTP/1.1 302 mean exactly?
  55. Significance of port 3000 in Express apps
  56. How do I pull from a Git repository through an HTTP proxy?
  57. Uri not Absolute exception getting while calling Restful Webservice
  58. HTTP GET with request body
  59. urllib2.HTTPError: HTTP Error 403: Forbidden
  60. WebException (Status: Protocol Error)
  61. Response Content type as CSV
  62. Prevent WordPress from sending Cache-control http header
  63. Clarity needed on usage of multiple 403 forbidden header() functions at the beginning of the plugin files
  64. How can I use CURLOPT_USERPWD in wp_remote_post?
  65. Programmatically log in a wordpress user
  66. Upgrade to SSL Breaks Admin Dashboard
  67. Redirect www to non-www htaccess
  68. How are both HTTP and HTTPS versions displaying?
  69. HTTP Header on specific page is application instead of text
  70. Get the final destination after WP_Http redirects (WordPress)
  71. Cant Access Website – Changed HTTP to HTTPs
  72. How to set status codes such as 401 and 403?
  73. Getting soft 404 errors (200 status) when caching plugins are enabled
  74. How to return HTTP 404 when no search results found?
  75. Redirect user to a particular link in 10 seconds after using wp_die
  76. How To Reset Ownership And Permissions of Wp-Content Folder, In Order to Fix HTTP Error When Uploading Images to WordPress Media Library
  77. Get full URL of images in media library including http://
  78. wordpress api using rest_route for other pages
  79. Is there an equivalent to WP_Error object I can return in the case of a successful REST request?
  80. Modifying request $_COOKIE
  81. Redirect HTTP to HTTPS for all sub domains (blog posts)
  82. CF7 upload file failing [closed]
  83. How to use https on one page only?
  84. Changed the url into https and now can’t access site admin
  85. How to make my site use HTTPS for images or how to insert images as relative paths?
  86. 404/500 error on content images if Referer header is from another domain [closed]
  87. Last-Modified header support doesn’t speed up server processing – want more
  88. Why does WP HTTP API switch the method (POST/PURGE) to GET when redirecting (302)?
  89. Need workaround for insecure XMLHttpRequest endpoint request
  90. What is this HTTP_REFERRER “WordPress/4.1.2”
  91. Reading URL Parameters
  92. How exactly does WordPress load themes from api.wordpress.org?
  93. Configure WordPress to listen on a port other than 80
  94. How to switch static files back to using HTTP instead of HTTPS?
  95. throttle/limit a logged in user’s http requests to specific page on a per day basis
  96. CSS/JS is not working in multi lang installation
  97. Does WordPress perform better with curl installed?
  98. Any idea on how to fix this error when forcing SSL on a certain page?
  99. Random HTTP 500 error in WordPress
  100. Nice font not working when http to https – SSL Issue