Domain Mapping wp_login_url filter adds blank redirect_to

When using Domain Mapping, a blank redirect_to parameter is added to the login URL if no $redirect_to is passed into the wp_login_url function.

The current code looks like this:

public function update_login_url( $login_url, $redirect_to ) {
    $login_domain = parse_url( $login_url, PHP_URL_HOST );
    $redirect_domain = parse_url( $redirect_to, PHP_URL_HOST );
    if ( $login_domain != $redirect_domain ) {
        $redirect_to = str_replace( "://{$redirect_domain}", "://{$login_domain}", $redirect_to );
        $login_url = add_query_arg( 'redirect_to', urlencode( $redirect_to ), $login_url );
    }

    return $login_url;
}

This filter adds a redirect_to URL parameter to the login URL, no matter whether the $redirect_to parameter is present. It should only added a redirect_to parameter if the $redirect_to variable is not empty.

This can be fixed by changing the function to:

public function update_login_url( $login_url, $redirect_to ) {
    if (!empty($redirect_to)) {
        $login_domain = parse_url( $login_url, PHP_URL_HOST );
        $redirect_domain = parse_url( $redirect_to, PHP_URL_HOST );
        if ( $login_domain != $redirect_domain ) {
            $redirect_to = str_replace( "://{$redirect_domain}", "://{$login_domain}", $redirect_to );
            $login_url = add_query_arg( 'redirect_to', urlencode( $redirect_to ), $login_url );
        }
    }

    return $login_url;
}

Let me know if you need any additional information.