wp_get_referer

The timeline below displays how wordpress function wp_get_referer has changed across different WordPress versions. If a version is not listed, refer to the next available version below.

WordPress Version: 6.3

/**
 * Retrieves referer from '_wp_http_referer' or HTTP referer.
 *
 * If it's the same as the current request URL, will return false.
 *
 * @since 2.0.4
 *
 * @return string|false Referer URL on success, false on failure.
 */
function wp_get_referer()
{
    // Return early if called before wp_validate_redirect() is defined.
    if (!function_exists('wp_validate_redirect')) {
        return false;
    }
    $ref = wp_get_raw_referer();
    if ($ref && wp_unslash($_SERVER['REQUEST_URI']) !== $ref && home_url() . wp_unslash($_SERVER['REQUEST_URI']) !== $ref) {
        return wp_validate_redirect($ref, false);
    }
    return false;
}

WordPress Version: 6.1

/**
 * Retrieves referer from '_wp_http_referer' or HTTP referer.
 *
 * If it's the same as the current request URL, will return false.
 *
 * @since 2.0.4
 *
 * @return string|false Referer URL on success, false on failure.
 */
function wp_get_referer()
{
    if (!function_exists('wp_validate_redirect')) {
        return false;
    }
    $ref = wp_get_raw_referer();
    if ($ref && wp_unslash($_SERVER['REQUEST_URI']) !== $ref && home_url() . wp_unslash($_SERVER['REQUEST_URI']) !== $ref) {
        return wp_validate_redirect($ref, false);
    }
    return false;
}

WordPress Version: 5.4

/**
 * Retrieve referer from '_wp_http_referer' or HTTP referer.
 *
 * If it's the same as the current request URL, will return false.
 *
 * @since 2.0.4
 *
 * @return string|false Referer URL on success, false on failure.
 */
function wp_get_referer()
{
    if (!function_exists('wp_validate_redirect')) {
        return false;
    }
    $ref = wp_get_raw_referer();
    if ($ref && wp_unslash($_SERVER['REQUEST_URI']) !== $ref && home_url() . wp_unslash($_SERVER['REQUEST_URI']) !== $ref) {
        return wp_validate_redirect($ref, false);
    }
    return false;
}

WordPress Version: 4.5

/**
 * Retrieve referer from '_wp_http_referer' or HTTP referer.
 *
 * If it's the same as the current request URL, will return false.
 *
 * @since 2.0.4
 *
 * @return false|string False on failure. Referer URL on success.
 */
function wp_get_referer()
{
    if (!function_exists('wp_validate_redirect')) {
        return false;
    }
    $ref = wp_get_raw_referer();
    if ($ref && $ref !== wp_unslash($_SERVER['REQUEST_URI']) && $ref !== home_url() . wp_unslash($_SERVER['REQUEST_URI'])) {
        return wp_validate_redirect($ref, false);
    }
    return false;
}

WordPress Version: 4.2

/**
 * Retrieve referer from '_wp_http_referer' or HTTP referer.
 *
 * If it's the same as the current request URL, will return false.
 *
 * @since 2.0.4
 *
 * @return false|string False on failure. Referer URL on success.
 */
function wp_get_referer()
{
    if (!function_exists('wp_validate_redirect')) {
        return false;
    }
    $ref = false;
    if (!empty($_REQUEST['_wp_http_referer'])) {
        $ref = wp_unslash($_REQUEST['_wp_http_referer']);
    } elseif (!empty($_SERVER['HTTP_REFERER'])) {
        $ref = wp_unslash($_SERVER['HTTP_REFERER']);
    }
    if ($ref && $ref !== wp_unslash($_SERVER['REQUEST_URI'])) {
        return wp_validate_redirect($ref, false);
    }
    return false;
}

WordPress Version: 4.1

/**
 * Retrieve referer from '_wp_http_referer' or HTTP referer.
 *
 * If it's the same as the current request URL, will return false.
 *
 * @since 2.0.4
 *
 * @return false|string False on failure. Referer URL on success.
 */
function wp_get_referer()
{
    if (!function_exists('wp_validate_redirect')) {
        return false;
    }
    $ref = false;
    if (!empty($_REQUEST['_wp_http_referer'])) {
        $ref = wp_unslash($_REQUEST['_wp_http_referer']);
    } else if (!empty($_SERVER['HTTP_REFERER'])) {
        $ref = wp_unslash($_SERVER['HTTP_REFERER']);
    }
    if ($ref && $ref !== wp_unslash($_SERVER['REQUEST_URI'])) {
        return wp_validate_redirect($ref, false);
    }
    return false;
}

WordPress Version: 4.0

/**
 * Retrieve referer from '_wp_http_referer' or HTTP referer.
 *
 * If it's the same as the current request URL, will return false.
 *
 * @since 2.0.4
 *
 * @return string|bool False on failure. Referer URL on success.
 */
function wp_get_referer()
{
    if (!function_exists('wp_validate_redirect')) {
        return false;
    }
    $ref = false;
    if (!empty($_REQUEST['_wp_http_referer'])) {
        $ref = wp_unslash($_REQUEST['_wp_http_referer']);
    } else if (!empty($_SERVER['HTTP_REFERER'])) {
        $ref = wp_unslash($_SERVER['HTTP_REFERER']);
    }
    if ($ref && $ref !== wp_unslash($_SERVER['REQUEST_URI'])) {
        return wp_validate_redirect($ref, false);
    }
    return false;
}

WordPress Version: 3.9

/**
 * Retrieve referer from '_wp_http_referer' or HTTP referer. If it's the same
 * as the current request URL, will return false.
 *
 * @since 2.0.4
 *
 * @return string|bool False on failure. Referer URL on success.
 */
function wp_get_referer()
{
    if (!function_exists('wp_validate_redirect')) {
        return false;
    }
    $ref = false;
    if (!empty($_REQUEST['_wp_http_referer'])) {
        $ref = wp_unslash($_REQUEST['_wp_http_referer']);
    } else if (!empty($_SERVER['HTTP_REFERER'])) {
        $ref = wp_unslash($_SERVER['HTTP_REFERER']);
    }
    if ($ref && $ref !== wp_unslash($_SERVER['REQUEST_URI'])) {
        return wp_validate_redirect($ref, false);
    }
    return false;
}

WordPress Version: 3.7

/**
 * Retrieve referer from '_wp_http_referer' or HTTP referer. If it's the same
 * as the current request URL, will return false.
 *
 * @package WordPress
 * @subpackage Security
 * @since 2.0.4
 *
 * @return string|bool False on failure. Referer URL on success.
 */
function wp_get_referer()
{
    if (!function_exists('wp_validate_redirect')) {
        return false;
    }
    $ref = false;
    if (!empty($_REQUEST['_wp_http_referer'])) {
        $ref = wp_unslash($_REQUEST['_wp_http_referer']);
    } else if (!empty($_SERVER['HTTP_REFERER'])) {
        $ref = wp_unslash($_SERVER['HTTP_REFERER']);
    }
    if ($ref && $ref !== wp_unslash($_SERVER['REQUEST_URI'])) {
        return wp_validate_redirect($ref, false);
    }
    return false;
}