WordPress.org

Make WordPress Core

Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#39846 closed defect (bug) (duplicate)

Protocol agnostic links like //foo.com produce login loop reporting cookies disabled

Reported by: dfavor Owned by:
Milestone: Priority: normal
Severity: normal Version: 4.7.2
Component: Administration Keywords:
Focuses: Cc:

Description

If siteurl + home are changed to protocol agnostic links, site login loops... producing the dreaded...

"ERROR: Cookies are blocked or not supported by your browser..." message.

Easy way to reproduce this is to use wp-cli on command line...

wp option set siteurl foo.com
wp option set home
foo.com

After this, site login will loop forever, till siteurl + home are changed to include a protocol, either http: or https: will do.

Change History (3)

#1 @pothi
5 years ago

I use the following code (or similar) in wp-config.php file to let a site to be served on both HTTP and HTTPS, depending on the request...

if (isset($_SERVER['HTTPS']) &&
    ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) ||
    isset($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
    $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
  $wplt_protocol = 'https://';
}
else {
  $wplt_protocol = 'http://';
}

$wplt_domain = 'example.com';

define('WP_HOME', $wplt_protocol . $wplt_domain);
define('WP_SITEURL', $wplt_protocol . $wplt_domain);

Since the codex recommends to use a protocol for WP_SITEURL and WP_HOME, it can not be considered as a bug, IMO.

#2 @SergeyBiryukov
5 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Hi @dfavor, thanks for the ticket!

We're already tracking this issue in #21153.

#3 @dfavor
5 years ago

@SergeyBiryukov - Thanks. Missed the duplicate ticket.

Note: See TracTickets for help on using tickets.