WordPress.org
Get WordPress

Make WordPress Core

Changeset 24266


Ignore:
Timestamp:
05/15/2013 10:09:54 PM (13 years ago)
Author:
azaozz
Message:

Logged out warnings: fix same domain comparison in wp_auth_check_html() when FORCE_SSL_LOGIN && ! FORCE_SSL_ADMIN. See #23295

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/wp-includes/functions.php

    r24229 r24266  
    39223922 */
    39233923function wp_auth_check_html() {
    3924     $login_url = site_url( 'wp-login.php', 'login_post' );
     3924    $login_url = wp_login_url();
    39253925    $current_domain = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'];
    39263926    $same_domain = ( strpos( $login_url, $current_domain ) === 0 );
     3927
     3928    if ( $same_domain && force_ssl_login() && ! force_ssl_admin() )
     3929        $same_domain = false;
    39273930
    39283931    // Let plugins change this if they know better.
Note: See TracChangeset for help on using the changeset viewer.