Opened 22 months ago

Closed 22 months ago

#18137 closed defect (bug) (fixed)

wp_login_form() uses the incorrect scheme

Reported by: mdawaffe Owned by: nacin
Priority: normal Milestone: 3.2.2
Component: General Version: 3.2.1
Severity: normal Keywords: has-patch
Cc:

Description

wp_login_form() currently uses the 'login' auth scheme, which only serves HTTPS requests when force_ssl_admin() is set.

The correct scheme for the form is 'login_post', which serves HTTPS requests when either force_ssl_login() or force_ssl_admin is set.

Attached.

Attachments (1)

18137.diff (815 bytes) - added by mdawaffe 22 months ago.

Download all attachments as: .zip

Change History (4)

mdawaffe22 months ago

comment:1   nacin22 months ago

  • Milestone changed from Awaiting Review to 3.2.2

comment:2   nacin22 months ago

In [18444]:

Use login_post context for wp_login_form action. props mdawaffe, see #18137 for trunk.

comment:3   nacin22 months ago

  • Owner set to nacin
  • Resolution set to fixed
  • Status changed from new to closed

In [18463]:

Use login_post context for wp_login_form action. props mdawaffe, fixes #18137. for the 3.2 branch.

Note: See TracTickets for help on using tickets.