Changes between Initial Version and Version 2 of Ticket #27373
- Timestamp:
- 03/26/2014 01:33:04 PM (7 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #27373
- Property Keywords has-patch added
-
Ticket #27373 – Description
initial v2 3 3 Before 3.7, the presence of the test cookie was only checked in case of an invalid username or password. 4 4 5 Since [25045], we always check the test cookie before calling `wp_signon()`. This made the issue much more prominent. Here are some scenarios to reproduce it: 5 Since [25045], we always check the test cookie before calling `wp_signon()`. This made the issue much more prominent. Some articles even suggest hacking core as a workaround, which induced me to investigate it. 6 7 Here are some scenarios to reproduce it: 6 8 7 9 1. [http://wordpress.org/support/topic/cookies-are-blocked-or-not-supported-since-update-to-371/page/4?replies=105#post-4907345 "Some proxy/caching servers"] (e.g. Varnish) are configured to not allow setting cookies on GET requests. On a second attempt (after a POST request has been made), user is able to log in.