WordPress.org

Make WordPress Core

Ticket #15330: make-logged-in-cookie-secure.15330.diff

File make-logged-in-cookie-secure.15330.diff, 1.6 KB (added by filosofo, 8 years ago)
  • wp-includes/pluggable.php

     
    689689        if ( version_compare(phpversion(), '5.2.0', 'ge') ) {
    690690                setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN, $secure, true);
    691691                setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, $secure, true);
    692                 setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN, false, true);
     692                setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN, $secure, true);
    693693                if ( COOKIEPATH != SITECOOKIEPATH )
    694                         setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, false, true);
     694                        setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, $secure, true);
    695695        } else {
    696696                $cookie_domain = COOKIE_DOMAIN;
    697697                if ( !empty($cookie_domain) )
    698698                        $cookie_domain .= '; HttpOnly';
    699699                setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, $cookie_domain, $secure);
    700700                setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, $cookie_domain, $secure);
    701                 setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, $cookie_domain);
     701                setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, $cookie_domain, $secure);
    702702                if ( COOKIEPATH != SITECOOKIEPATH )
    703                         setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, $cookie_domain);
     703                        setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, $cookie_domain, $secure);
    704704        }
    705705}
    706706endif;