FORCE_SSL_LOGIN causes wp-login.php to have an incorrect https link
|Reported by:||dbvista||Owned by:||jakub.tyrcha|
In this bug, the WordPress logo on the login screen incorrectly links to an https URL. It is easy to reproduce.
First, define('FORCE_SSL_LOGIN', true) in wp-config.php. Then make sure you are logged out of WordPress. (Note: I am running multisite - I don't know if this matters or not.)
- Visit /wp-login.php. Fill in WRONG credentials (misspell your password) and click the Submit button.
- wp-login.php redisplays as expected, this time with an https URL.
- The WordPress logo on the form now links to https://your.site.com. If you click it, you are visiting your site over SSL.
This should not happen. The WordPress logo (and any other links on the login page) should render http URLs.
Change History (14)
comment:3 jakub.tyrcha — 3 years ago
- Cc jakub.tyrcha added
- Keywords has-patch needs-testing added
- Owner set to jakub.tyrcha
- Status changed from new to accepted