Automattic · JuanchoPestana · Jan 17, 2020 · Jan 17, 2020 · Jan 17, 2020 · Jan 17, 2020
diff --git a/includes/class-sensei-frontend.php b/includes/class-sensei-frontend.php
@@ -1284,6 +1284,8 @@ public function sensei_login_form() {
 						<!-- Spam Trap -->
 						<div style="left:-999em; position:absolute;"><label for="trap"><?php esc_html_e( 'Anti-spam', 'sensei-lms' ); ?></label><input type="text" name="email_2" id="trap" tabindex="-1" /></div>
 
+						<input type="hidden" id="sensei_reg_http_referer" name="sensei_reg_http_referer" value="<?php echo wp_get_referer() ? esc_attr( wp_get_referer() ) : ''; ?>">
+
 						<?php do_action( 'sensei_register_form_fields' ); ?>
 						<?php do_action( 'register_form' ); ?>
 
@@ -1705,6 +1707,10 @@ public function sensei_process_registration() {
 		$new_user_email    = $_POST['sensei_reg_email'];
 		$new_user_password = $_POST['sensei_reg_password'];
 
+		if ( isset( $_POST['sensei_reg_http_referer'] ) && '' !== $_POST['sensei_reg_http_referer'] ) {
+			$new_user_http_referer = esc_url_raw( wp_unslash( $_POST['sensei_reg_http_referer'] ) );
+		}
+
 		// Check the username.
 		$username_error_notice = '';
 		if ( $new_user_name == '' ) {
@@ -1765,13 +1771,13 @@ public function sensei_process_registration() {
 
 		// Redirect.
 		global $wp;
-		if ( wp_get_referer() ) {
-			$redirect = esc_url( wp_get_referer() );
+		if ( ! empty( $new_user_http_referer ) ) {
+			$redirect = esc_url( $new_user_http_referer );
 		} else {
 			$redirect = esc_url( home_url( $wp->request ) );
 		}
 
-		wp_redirect( apply_filters( 'sensei_registration_redirect', $redirect ) );
+		wp_safe_redirect( apply_filters( 'sensei_registration_redirect', $redirect ) );
 		exit;
 
 	} // end  sensei_process_registration)()