Should not this work as expectedly?
http://example.com/login/?redirect_to=http://www.cnn.com
Of course, this may seem like a silly example but should not redirect_to honor whatever is given to it?
In my case, I end up at the homepage. Am I doing something wrong here or is there a third-party hook that might be interfering with the expected behavior?
change this http://example.com/login/?redirect_to=http://www.cnn.com to this http://example.com/wp-login.php?redirect_to=http://www.cnn.com
You can also use login_redirect filter. see here
I think this is what you are looking for.
This will normally redirect all logins. To be able to redirect only when you want, you can use a query string parameter in the URL. Check for the parameter, if it exists redirect.