WordPress.org

Make WordPress Core

Ticket #15330: make-logged-in-cookie-secure.15330.diff

File make-logged-in-cookie-secure.15330.diff, 1.6 KB (added by filosofo, 5 years ago)
  • wp-includes/pluggable.php

     
    689689        if ( version_compare(phpversion(), '5.2.0', 'ge') ) { 
    690690                setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN, $secure, true); 
    691691                setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, $secure, true); 
    692                 setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN, false, true); 
     692                setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN, $secure, true); 
    693693                if ( COOKIEPATH != SITECOOKIEPATH ) 
    694                         setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, false, true); 
     694                        setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, $secure, true); 
    695695        } else { 
    696696                $cookie_domain = COOKIE_DOMAIN; 
    697697                if ( !empty($cookie_domain) ) 
    698698                        $cookie_domain .= '; HttpOnly'; 
    699699                setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, $cookie_domain, $secure); 
    700700                setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, $cookie_domain, $secure); 
    701                 setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, $cookie_domain); 
     701                setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, $cookie_domain, $secure); 
    702702                if ( COOKIEPATH != SITECOOKIEPATH ) 
    703                         setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, $cookie_domain); 
     703                        setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, $cookie_domain, $secure); 
    704704        } 
    705705} 
    706706endif;