Make WordPress Core

Opened 17 years ago

Closed 14 years ago

#10739 closed defect (bug) (fixed)

Pass logged_in cookie to async-upload

Reported by: nbachiyski
Owned by:
Milestone: 2.9
Priority: normal
Severity: normal
Version: 2.9
Component: Security
Keywords: needs-patch
Focuses:
Cc:

Description

Currently only the auth cookie is sent to async-upload.php. If a plugin has filtered the scheme in auth_redirect() the logged_in cookie might be needed, too.

Attachments (1)

pass-logged-in-cookie-to-async-upload.diff (1.2 KB) - added by nbachiyski 17 years ago.


Change History (9)

#1 @ryan
17 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [11904]) Pass logged_in cookie to async-upload. Props nbachiyski. fixes #10739

#2 @azaozz
17 years ago

  • Keywords reporter-feedback added; has-patch removed
  • Resolution fixed deleted
  • Status changed from closed to reopened

This doesn't look good... We make the cookies not accessible by JS and at the same time put them in plain view and accept them in the GET request.

Perhaps we could look at making a short-lived (30 min?) nonce for the flash uploader, would be way more secure.

#3 @scribu
17 years ago

  • Component changed from Upload to Security
  • Milestone changed from Unassigned to 2.9
  • Version set to 2.9

#4 @nacin
16 years ago

  • Milestone changed from 2.9 to 3.0

#5 @scribu
16 years ago

  • Keywords needs-patch added; reporter-feedback removed

#6 @nacin
16 years ago

  • Milestone changed from 3.0 to 3.1

#7 @nacin
16 years ago

  • Milestone changed from Awaiting Triage to Future Release

#8 @nacin
14 years ago

  • Milestone changed from Future Release to 2.9
  • Resolution set to fixed
  • Status changed from reopened to closed
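
The short-lived nonce proposed in comment #2, as an added example (not code from this ticket, its attached patch, or WordPress core): an HMAC-signed token bound to one user and to the upload action that expires after 30 minutes, so the value carried in the GET request is not the auth cookie itself. The function names, the token format and the demo secret are assumptions made for illustration.

```php
<?php
// Added illustration; not WordPress core code. Every name here is hypothetical.

const UPLOAD_TOKEN_TTL = 1800; // 30 minutes, the lifetime suggested in comment #2

// Issue a token valid only for the upload action of one user.
function issue_upload_token(string $secret, int $userId, int $now): string
{
    $expires = $now + UPLOAD_TOKEN_TTL;
    $mac = hash_hmac('sha256', "upload|{$userId}|{$expires}", $secret);
    return "{$userId}.{$expires}.{$mac}";
}

// Return the user id for a valid token, or null if malformed, forged or expired.
function verify_upload_token(string $secret, string $token, int $now): ?int
{
    if (!preg_match('/\A(\d{1,10})\.(\d{1,10})\.([0-9a-f]{64})\z/', $token, $m)) {
        return null;
    }
    [, $userId, $expires, $mac] = $m;
    $expected = hash_hmac('sha256', "upload|{$userId}|{$expires}", $secret);
    if (!hash_equals($expected, $mac)) {
        return null; // signature mismatch: altered or not issued by this server
    }
    if ((int) $expires < $now) {
        return null; // past its lifetime
    }
    return (int) $userId;
}

// Constructed demo values.
$secret = 'constructed-demo-secret';
$t0     = 1700000000;
$token  = issue_upload_token($secret, 42, $t0);

$cases = [
    'fresh token'          => [$token, $t0 + 60],
    'after 30 minutes'     => [$token, $t0 + UPLOAD_TOKEN_TTL + 1],
    'user id changed to 1' => [preg_replace('/\A42\./', '1.', $token), $t0 + 60],
    'not a token at all'   => ['wordpress_logged_in=abc', $t0 + 60],
];
foreach ($cases as $label => [$candidate, $now]) {
    $uid = verify_upload_token($secret, $candidate, $now);
    printf("%-22s => %s\n", $label, $uid === null ? 'rejected' : "accepted for user {$uid}");
}
```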