Opened 11 years ago
Closed 11 years ago
#29668 closed defect (bug) (invalid)
Runaway sessions
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | high | |
| Severity: | normal | Version: | 4.0 |
| Component: | Security | Keywords: | |
| Focuses: | Cc: |
Description
I'm seeing a new token being added to each user's session array (the session_tokens user meta field) on every single page load (in the admin area and on the front end).
Reproduced on multiple installs. Currently debugging to find the cause.
Change History (4)
#4
@
11 years ago
- Milestone 4.0.1 deleted
- Resolution set to invalid
- Status changed from new to closed
I thought there wasn't a common plugin between the sites, but there is. Query Monitor's authentication component is the culprit. Gosh diddly darn it.
Note: See
TracTickets for help on using
tickets.
Cannot reproduce. This would happen if someone was calling wp_set_auth_cookie() on every pageload.