Make WordPress Core

Opened 16 years ago

Closed 13 years ago

#10739 closed defect (bug) (fixed)

Pass logged_in cookie to async-upload

Reported by: nbachiyski
Owned by:
Milestone: 2.9
Priority: normal
Severity: normal
Version: 2.9
Component: Security
Keywords: needs-patch
Focuses:
Cc:

Description

Currently only the auth cookie is sent to async-upload.php. If a plugin has filtered the scheme in auth_redirect() the logged_in cookie might be needed, too.

Attachments (1)

pass-logged-in-cookie-to-async-upload.diff (1.2 KB) - added by nbachiyski 16 years ago.


Change History (9)

#1 @ryan
16 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [11904]) Pass logged_in cookie to async-upload. Props nbachiyski. fixes #10739

#2 @azaozz
16 years ago

  • Keywords reporter-feedback added; has-patch removed
  • Resolution fixed deleted
  • Status changed from closed to reopened

This doesn't look good... We make the cookies not accessible by JS and at the same time put them in plain view and accept them in the GET request.

Perhaps we could look at making a short-lived (30 min?) nonce for the flash uploader, would be way more secure.
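
A sketch of the short-lived token idea raised in comment #2, as an added example that is not part of the ticket, the attached patch or WordPress core. The function names, the token layout and the HMAC construction are assumptions chosen for illustration; the 30-minute lifetime is the figure floated in the comment.

```php
<?php
// Added illustration; not WordPress core code. All names here are hypothetical.

const UPLOAD_TOKEN_TTL = 1800; // 30 minutes, the lifetime floated in comment #2

// Issue a token bound to one user and one action; the expiry is covered by the MAC.
function issue_upload_token(string $secret, int $user_id, string $action, int $now): string
{
    $expires = $now + UPLOAD_TOKEN_TTL;
    $mac = hash_hmac('sha256', "$user_id|$action|$expires", $secret);
    return "$expires.$mac";
}

// Accept the token only if it is unexpired and the MAC matches this user and action.
function verify_upload_token(string $secret, int $user_id, string $action, string $token, int $now): bool
{
    $parts = explode('.', $token, 2);
    if (count($parts) !== 2 || !ctype_digit($parts[0])) {
        return false; // malformed token
    }
    $expires = (int) $parts[0];
    if ($now > $expires) {
        return false; // past its lifetime
    }
    $expected = hash_hmac('sha256', "$user_id|$action|$expires", $secret);
    return hash_equals($expected, $parts[1]); // constant-time comparison
}

// Constructed sample values.
$secret = random_bytes(32); // server-side key, never sent to the client
$now    = 1700000000;       // fixed clock so the run is repeatable
$token  = issue_upload_token($secret, 42, 'async-upload', $now);

var_dump(verify_upload_token($secret, 42, 'async-upload', $token, $now + 60));   // within lifetime
var_dump(verify_upload_token($secret, 42, 'async-upload', $token, $now + 1801)); // after expiry
var_dump(verify_upload_token($secret, 43, 'async-upload', $token, $now + 60));   // different user
var_dump(verify_upload_token($secret, 42, 'delete-post', $token, $now + 60));    // different action
```

A token of this shape that ends up in a URL or page source is usable only for the named action and only until it expires, whereas an authentication cookie placed in the same spot stays valid for the whole session.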

#3 @scribu
16 years ago

  • Component changed from Upload to Security
  • Milestone changed from Unassigned to 2.9
  • Version set to 2.9

#4 @nacin
16 years ago

  • Milestone changed from 2.9 to 3.0

#5 @scribu
16 years ago

  • Keywords needs-patch added; reporter-feedback removed

#6 @nacin
15 years ago

  • Milestone changed from 3.0 to 3.1

#7 @nacin
15 years ago

  • Milestone changed from Awaiting Triage to Future Release

#8 @nacin
13 years ago

  • Milestone changed from Future Release to 2.9
  • Resolution set to fixed
  • Status changed from reopened to closed