The 'redirect_to' parameter sent to wp-login.php is sanitized to prevent redirection to external sites. If you'd like to whitelist external domains, here's how:
add_filter( 'allowed_redirect_hosts' , 'my_allowed_redirect_hosts' , 10 ); function my_allowed_redirect_hosts($content){ $content[] = 'blog.example.com'; $content[] = 'codex.example.com'; // wrong: $content[] = 'http://codex.example.com'; return $content; }