From 37e53288371cf14b85bd6be5da8480f64c6ab9bd Mon Sep 17 00:00:00 2001
From: Tonya Mork <hellofromtonya@git.wordpress.org>
Date: Thu, 9 Mar 2023 21:24:54 +0000
Subject: [PATCH 1/3] git-svn-id:
 https://develop.svn.wordpress.org/branches/6.2@55504
 602fd350-edb4-49c9-b593-d223f7449a82


From 909a02faf5f03616c2d9e6e8405351a64556def0 Mon Sep 17 00:00:00 2001
From: Sergey Biryukov <sergeybiryukov@git.wordpress.org>
Date: Tue, 14 Mar 2023 17:56:53 +0000
Subject: [PATCH 2/3] Post WordPress 6.2 RC2 version bump.

git-svn-id: https://develop.svn.wordpress.org/branches/6.2@55551 602fd350-edb4-49c9-b593-d223f7449a82
---
 wordpress-importer | 1 +
 1 file changed, 1 insertion(+)
 create mode 160000 wordpress-importer

diff --git a/wordpress-importer b/wordpress-importer
new file mode 160000
index 0000000000000..99462ec2d3390
--- /dev/null
+++ b/wordpress-importer
@@ -0,0 +1 @@
+Subproject commit 99462ec2d3390bc0de3bc5ffbe817f2160e5ef54

From 94339ccbfd9f16e0a7d844508e7bd65dadded125 Mon Sep 17 00:00:00 2001
From: = <=>
Date: Sat, 1 Apr 2023 17:26:31 +0200
Subject: [PATCH 3/3] Replaced most HTTP_HOST according to
 https://core.trac.wordpress.org/ticket/53998

---
 src/wp-admin/includes/class-wp-list-table.php |  4 ++--
 src/wp-admin/includes/misc.php                |  2 +-
 src/wp-includes/admin-bar.php                 |  2 +-
 src/wp-includes/blocks/loginout.php           |  2 +-
 src/wp-includes/canonical.php                 |  6 ++----
 src/wp-includes/class-wp-recovery-mode.php    |  2 +-
 src/wp-includes/functions.php                 |  2 +-
 src/wp-includes/general-template.php          |  2 +-
 src/wp-includes/nav-menu-template.php         |  4 ++--
 src/wp-includes/pluggable.php                 | 21 ++++++-------------
 src/wp-login.php                              |  6 +++---
 11 files changed, 21 insertions(+), 32 deletions(-)

diff --git a/src/wp-admin/includes/class-wp-list-table.php b/src/wp-admin/includes/class-wp-list-table.php
index 9ecbe37487ce9..699813b568657 100644
--- a/src/wp-admin/includes/class-wp-list-table.php
+++ b/src/wp-admin/includes/class-wp-list-table.php
@@ -979,7 +979,7 @@ protected function pagination( $which ) {
 		$current              = $this->get_pagenum();
 		$removable_query_args = wp_removable_query_args();
 
-		$current_url = set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
+		$current_url = network_home_url( $_SERVER['REQUEST_URI'] );
 
 		$current_url = remove_query_arg( $removable_query_args, $current_url );
 
@@ -1289,7 +1289,7 @@ public function get_column_count() {
 	public function print_column_headers( $with_id = true ) {
 		list( $columns, $hidden, $sortable, $primary ) = $this->get_column_info();
 
-		$current_url = set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
+		$current_url = network_home_url( $_SERVER['REQUEST_URI'] );
 		$current_url = remove_query_arg( 'paged', $current_url );
 
 		if ( isset( $_GET['orderby'] ) ) {
diff --git a/src/wp-admin/includes/misc.php b/src/wp-admin/includes/misc.php
index 1493e0e998279..649b900d666a4 100644
--- a/src/wp-admin/includes/misc.php
+++ b/src/wp-admin/includes/misc.php
@@ -1396,7 +1396,7 @@ function wp_admin_canonical_url() {
 	}
 
 	// Ensure we're using an absolute URL.
-	$current_url  = set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
+	$current_url  = network_home_url( $_SERVER['REQUEST_URI'] );
 	$filtered_url = remove_query_arg( $removable_query_args, $current_url );
 	?>
 	<link id="wp-admin-canonical" rel="canonical" href="<?php echo esc_url( $filtered_url ); ?>" />
diff --git a/src/wp-includes/admin-bar.php b/src/wp-includes/admin-bar.php
index 4792822d5960a..0b92e693cb47f 100644
--- a/src/wp-includes/admin-bar.php
+++ b/src/wp-includes/admin-bar.php
@@ -469,7 +469,7 @@ function wp_admin_bar_customize_menu( $wp_admin_bar ) {
 		return;
 	}
 
-	$current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
+	$current_url = network_home_url( $_SERVER['REQUEST_URI'] );
 	if ( is_customize_preview() && $wp_customize->changeset_uuid() ) {
 		$current_url = remove_query_arg( 'customize_changeset_uuid', $current_url );
 	}
diff --git a/src/wp-includes/blocks/loginout.php b/src/wp-includes/blocks/loginout.php
index ac10ced20f3d1..63239d9803139 100644
--- a/src/wp-includes/blocks/loginout.php
+++ b/src/wp-includes/blocks/loginout.php
@@ -15,7 +15,7 @@
 function render_block_core_loginout( $attributes ) {
 
 	// Build the redirect URL.
-	$current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
+	$current_url = network_home_url( $_SERVER['REQUEST_URI'] );
 
 	$classes  = is_user_logged_in() ? 'logged-in' : 'logged-out';
 	$contents = wp_loginout(
diff --git a/src/wp-includes/canonical.php b/src/wp-includes/canonical.php
index a02ab793cee3e..46faf0694d162 100644
--- a/src/wp-includes/canonical.php
+++ b/src/wp-includes/canonical.php
@@ -63,11 +63,9 @@ function redirect_canonical( $requested_url = null, $do_redirect = true ) {
 		return;
 	}
 
-	if ( ! $requested_url && isset( $_SERVER['HTTP_HOST'] ) ) {
+	if ( ! $requested_url ) {
 		// Build the URL in the address bar.
-		$requested_url  = is_ssl() ? 'https://' : 'http://';
-		$requested_url .= $_SERVER['HTTP_HOST'];
-		$requested_url .= $_SERVER['REQUEST_URI'];
+		$requested_url = network_home_url( $_SERVER['REQUEST_URI'] );
 	}
 
 	$original = parse_url( $requested_url );
diff --git a/src/wp-includes/class-wp-recovery-mode.php b/src/wp-includes/class-wp-recovery-mode.php
index b30eb408e3500..b337a3548871b 100644
--- a/src/wp-includes/class-wp-recovery-mode.php
+++ b/src/wp-includes/class-wp-recovery-mode.php
@@ -464,7 +464,7 @@ protected function redirect_protected() {
 
 		$scheme = is_ssl() ? 'https://' : 'http://';
 
-		$url = "{$scheme}{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";
+		$url = network_home_url( $_SERVER['REQUEST_URI'] );
 		wp_safe_redirect( $url );
 		exit;
 	}
diff --git a/src/wp-includes/functions.php b/src/wp-includes/functions.php
index 1cd71b3f75770..de6a99b15dd96 100644
--- a/src/wp-includes/functions.php
+++ b/src/wp-includes/functions.php
@@ -7182,7 +7182,7 @@ function wp_auth_check_load() {
  */
 function wp_auth_check_html() {
 	$login_url      = wp_login_url();
-	$current_domain = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'];
+	$current_domain = network_home_url();
 	$same_domain    = ( strpos( $login_url, $current_domain ) === 0 );
 
 	/**
diff --git a/src/wp-includes/general-template.php b/src/wp-includes/general-template.php
index f35f327962cc4..15aa86b47c78b 100644
--- a/src/wp-includes/general-template.php
+++ b/src/wp-includes/general-template.php
@@ -518,7 +518,7 @@ function wp_login_form( $args = array() ) {
 	$defaults = array(
 		'echo'           => true,
 		// Default 'redirect' value takes the user back to the request URI.
-		'redirect'       => ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'],
+		'redirect'       => network_home_url( $_SERVER['REQUEST_URI'] ),
 		'form_id'        => 'loginform',
 		'label_username' => __( 'Username or Email Address' ),
 		'label_password' => __( 'Password' ),
diff --git a/src/wp-includes/nav-menu-template.php b/src/wp-includes/nav-menu-template.php
index 46a4d95c385cf..ab36b31f9d8dc 100644
--- a/src/wp-includes/nav-menu-template.php
+++ b/src/wp-includes/nav-menu-template.php
@@ -469,7 +469,7 @@ function _wp_menu_item_classes_by_context( &$menu_items ) {
 			$active_parent_item_ids[] = (int) $menu_item->menu_item_parent;
 
 			// If the menu item corresponds to the currently requested URL.
-		} elseif ( 'custom' === $menu_item->object && isset( $_SERVER['HTTP_HOST'] ) ) {
+		} elseif ( 'custom' === $menu_item->object ) {
 			$_root_relative_current = untrailingslashit( $_SERVER['REQUEST_URI'] );
 
 			// If it's the customize page then it will strip the query var off the URL before entering the comparison block.
@@ -477,7 +477,7 @@ function _wp_menu_item_classes_by_context( &$menu_items ) {
 				$_root_relative_current = strtok( untrailingslashit( $_SERVER['REQUEST_URI'] ), '?' );
 			}
 
-			$current_url        = set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_root_relative_current );
+			$current_url        = network_home_url( $_root_relative_current );
 			$raw_item_url       = strpos( $menu_item->url, '#' ) ? substr( $menu_item->url, 0, strpos( $menu_item->url, '#' ) ) : $menu_item->url;
 			$item_url           = set_url_scheme( untrailingslashit( $raw_item_url ) );
 			$_indexless_current = untrailingslashit( preg_replace( '/' . preg_quote( $wp_rewrite->index, '/' ) . '$/', '', $current_url ) );
diff --git a/src/wp-includes/pluggable.php b/src/wp-includes/pluggable.php
index bbf4d4394758c..c33de3d290302 100644
--- a/src/wp-includes/pluggable.php
+++ b/src/wp-includes/pluggable.php
@@ -1186,14 +1186,10 @@ function auth_redirect() {
 		$secure = apply_filters( 'secure_auth_redirect', $secure );
 
 		// If https is required and request is http, redirect.
+		wp_redirect(network_home_url( $_SERVER['REQUEST_URI'] ));
 		if ( $secure && ! is_ssl() && false !== strpos( $_SERVER['REQUEST_URI'], 'wp-admin' ) ) {
-			if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) {
-				wp_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
-				exit;
-			} else {
-				wp_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
-				exit;
-			}
+			wp_redirect(network_home_url( $_SERVER['REQUEST_URI'] ));
+			exit;
 		}
 
 		/**
@@ -1218,13 +1214,8 @@ function auth_redirect() {
 
 			// If the user wants ssl but the session is not ssl, redirect.
 			if ( ! $secure && get_user_option( 'use_ssl', $user_id ) && false !== strpos( $_SERVER['REQUEST_URI'], 'wp-admin' ) ) {
-				if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) {
-					wp_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
-					exit;
-				} else {
-					wp_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
-					exit;
-				}
+				wp_redirect(network_home_url( $_SERVER['REQUEST_URI'] ));
+				exit;
 			}
 
 			return; // The cookie is good, so we're done.
@@ -1233,7 +1224,7 @@ function auth_redirect() {
 		// The cookie is no good, so force login.
 		nocache_headers();
 
-		$redirect = ( strpos( $_SERVER['REQUEST_URI'], '/options.php' ) && wp_get_referer() ) ? wp_get_referer() : set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
+		$redirect = ( strpos( $_SERVER['REQUEST_URI'], '/options.php' ) && wp_get_referer() ) ? wp_get_referer() : network_home_url( $_SERVER['REQUEST_URI'] );
 
 		$login_url = wp_login_url( $redirect, true );
 
diff --git a/src/wp-login.php b/src/wp-login.php
index 9a1bbb5bceffc..43215e70a49a0 100644
--- a/src/wp-login.php
+++ b/src/wp-login.php
@@ -14,10 +14,10 @@
 // Redirect to HTTPS login if forced to use SSL.
 if ( force_ssl_admin() && ! is_ssl() ) {
 	if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) {
-		wp_safe_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
+		wp_safe_redirect( network_home_url( $_SERVER['REQUEST_URI'], 'https' ) );
 		exit;
 	} else {
-		wp_safe_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
+		wp_safe_redirect( network_home_url( $_SERVER['REQUEST_URI'] ) );
 		exit;
 	}
 }
@@ -475,7 +475,7 @@ function wp_login_viewport_meta() {
 		$_SERVER['PHP_SELF'] = str_replace( $_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF'] );
 	}
 
-	$url = dirname( set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] ) );
+	$url = dirname( network_home_url( $_SERVER['PHP_SELF'] ) );
 
 	if ( get_option( 'siteurl' ) !== $url ) {
 		update_option( 'siteurl', $url );