Ticket #28521: 28521.diff
| File 28521.diff, 5.5 KB (added by , 10 years ago) |
|---|
-
src/wp-includes/comment.php
1151 1151 * @param int $seconds Comment cookie lifetime. Default 30000000. 1152 1152 */ 1153 1153 $comment_cookie_lifetime = apply_filters( 'comment_cookie_lifetime', 30000000 ); 1154 $secure = ( 'https' === parse_url( home_url(), PHP_URL_SCHEME ) ) ;1154 $secure = ( 'https' === parse_url( home_url(), PHP_URL_SCHEME ) ) || force_ssl(); 1155 1155 setcookie( 'comment_author_' . COOKIEHASH, $comment->comment_author, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure ); 1156 1156 setcookie( 'comment_author_email_' . COOKIEHASH, $comment->comment_author_email, time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure ); 1157 1157 setcookie( 'comment_author_url_' . COOKIEHASH, esc_url($comment->comment_author_url), time() + $comment_cookie_lifetime, COOKIEPATH, COOKIE_DOMAIN, $secure ); -
src/wp-includes/default-constants.php
263 263 if ( defined( 'FORCE_SSL_LOGIN' ) && FORCE_SSL_LOGIN ) { 264 264 force_ssl_admin( true ); 265 265 } 266 267 if ( ! defined( 'FORCE_SSL' ) ) { 268 define( 'FORCE_SSL', false ); 269 } 266 270 } 267 271 268 272 /** -
src/wp-includes/default-filters.php
399 399 add_action( 'wp_footer', 'wp_admin_bar_render', 1000 ); 400 400 add_action( 'in_admin_header', 'wp_admin_bar_render', 0 ); 401 401 402 if ( force_ssl() ) { 403 $hooks = array( 'the_content', 'the_excerpt', 'comment_text' ); 404 foreach ( $hooks as $hook ) { 405 add_filter( $hook, 'wp_ssl_urls' ); 406 } 407 } 408 402 409 unset( $filter, $action ); -
src/wp-includes/functions.php
3672 3672 * @return bool True if SSL, false if not used. 3673 3673 */ 3674 3674 function is_ssl() { 3675 if ( force_ssl() ) { 3676 return true; 3677 } 3678 3675 3679 if ( isset($_SERVER['HTTPS']) ) { 3676 3680 if ( 'on' == strtolower($_SERVER['HTTPS']) ) 3677 3681 return true; … … 3718 3722 } 3719 3723 3720 3724 /** 3725 * Determine whether to force SSL 3726 * 3727 * @since 4.2.0 3728 * 3729 * @return bool True if forced SSL, false if not used. 3730 */ 3731 function force_ssl() { 3732 return defined( 'FORCE_SSL' ) && FORCE_SSL; 3733 } 3734 3735 /** 3736 * Determine whether to force SSL 3737 * 3738 * @since 4.2.0 3739 * 3740 * @param string $content 3741 * 3742 * @return string The filtered content. 3743 */ 3744 function wp_ssl_urls( $content ) { 3745 $search = array( 3746 home_url( '', 'http' ), 3747 site_url( '', 'http' ) 3748 ); 3749 $replace = array( 3750 home_url( '', 'https' ), 3751 site_url( '', 'https' ) 3752 ); 3753 return str_replace( $search, $replace, $content ); 3754 } 3755 3756 /** 3721 3757 * Guess the URL for the site. 3722 3758 * 3723 3759 * Will remove wp-admin links to retrieve only return URLs not in the wp-admin -
src/wp-includes/option.php
749 749 } 750 750 751 751 // The cookie is not set in the current browser or the saved value is newer. 752 $secure = ( 'https' === parse_url( site_url(), PHP_URL_SCHEME ) ) ;752 $secure = ( 'https' === parse_url( site_url(), PHP_URL_SCHEME ) ) || force_ssl(); 753 753 setcookie( 'wp-settings-' . $user_id, $settings, time() + YEAR_IN_SECONDS, SITECOOKIEPATH, null, $secure ); 754 754 setcookie( 'wp-settings-time-' . $user_id, time(), time() + YEAR_IN_SECONDS, SITECOOKIEPATH, null, $secure ); 755 755 $_COOKIE['wp-settings-' . $user_id] = $settings; -
src/wp-includes/pluggable.php
873 873 */ 874 874 $secure_logged_in_cookie = apply_filters( 'secure_logged_in_cookie', $secure_logged_in_cookie, $user_id, $secure ); 875 875 876 if ( $secure ) {876 if ( $secure || force_ssl() ) { 877 877 $auth_cookie_name = SECURE_AUTH_COOKIE; 878 878 $scheme = 'secure_auth'; 879 879 } else { -
src/wp-login.php
434 434 } 435 435 436 436 //Set a cookie now to see if they are supported by the browser. 437 $secure = ( 'https' === parse_url( site_url(), PHP_URL_SCHEME ) && 'https' === parse_url( home_url(), PHP_URL_SCHEME ) ) ;437 $secure = ( 'https' === parse_url( site_url(), PHP_URL_SCHEME ) && 'https' === parse_url( home_url(), PHP_URL_SCHEME ) ) || force_ssl(); 438 438 setcookie( TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN, $secure ); 439 439 if ( SITECOOKIEPATH != COOKIEPATH ) 440 440 setcookie( TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN, $secure ); … … 476 476 * @param int $expires The expiry time, as passed to setcookie(). 477 477 */ 478 478 $expire = apply_filters( 'post_password_expires', time() + 10 * DAY_IN_SECONDS ); 479 $secure = ( 'https' === parse_url( home_url(), PHP_URL_SCHEME ) ) ;479 $secure = ( 'https' === parse_url( home_url(), PHP_URL_SCHEME ) ) || force_ssl(); 480 480 setcookie( 'wp-postpass_' . COOKIEHASH, $hasher->HashPassword( wp_unslash( $_POST['post_password'] ) ), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure ); 481 481 482 482 wp_safe_redirect( wp_get_referer() );