Make WordPress Core

Opened 7 years ago

Last modified 3 years ago

#41937 assigned enhancement

Change name of "wp-settings-" and "wp-settings-time-" cookie

Reported by: neustradamus's profile Neustradamus Owned by: petertoi's profile petertoi
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: Users Keywords: good-first-bug has-patch
Focuses: Cc:

Description

There is no option to change the cookie names of:

  • wp-settings-time-
  • wp-settings-

Can you add options?
It will be nice to add in wp-config.php like other cookies?

Thanks in advance.

Attachments (3)

41937.patch (5.6 KB) - added by petertoi 7 years ago.
Convert strings for wp-settings- and wp-settings-time- to constants
41937.2.patch (5.6 KB) - added by petertoi 7 years ago.
Confirmed against updated coding standards. Updated @since.
41937.3.patch (467 bytes) - added by multidots1896 3 years ago.
changes name to cookies,updated config file

Download all attachments as: .zip

Change History (20)

#1 @SergeyBiryukov
7 years ago

  • Component changed from General to Users
  • Keywords cookie removed
  • Severity changed from major to normal
  • Type changed from defect (bug) to enhancement

#2 @johnbillion
7 years ago

  • Keywords needs-patch good-first-bug added
  • Version trunk deleted

#3 @birgire
7 years ago

The related core (PHP) functions are:

but it's more complicated than that, because it's hardcoded in the Javascript function setUserSetting(), where:

...
settings = wpCookies.getHash( 'wp-settings-' + uid ),
...
wpCookies.setHash( 'wp-settings-' + uid, settings, 31536000, path, '', secure );
wpCookies.set( 'wp-settings-time-' + uid, userSettings.time, 31536000, path, '', secure );
...

in /wp-includes/js/utils.js:

https://core.trac.wordpress.org/browser/tags/4.8.2/src/wp-includes/js/utils.js#L151-L184

There's also the getAllUserSettings() Javascript function that contains:

return wpCookies.getHash( 'wp-settings-' + userSettings.uid ) || {};

Last edited 7 years ago by birgire (previous) (diff)

@petertoi
7 years ago

Convert strings for wp-settings- and wp-settings-time- to constants

#4 @petertoi
7 years ago

This patch takes adds constants to replace usages of 'wp-settings-' and 'wp-settings-time-' in PHP and updates the localization of utils.js with variables to use these constants in JS. Let me know if this needs any modification, happy to make any changes.

Prepared this patch at WordCamp Toronto 2017 with assistance from @pbearne.

Last edited 7 years ago by petertoi (previous) (diff)

#5 @petertoi
7 years ago

As a side note, what's the standard approach to updating WordPress code style on patches? Is code style applied only to modified code or should it be applied to related blocks (ex: adding curly brackets to all the constants in constants.php instead just those we've added)?

#6 @petertoi
7 years ago

  • Keywords has-patch added; needs-patch removed

#7 follow-up: @Neustradamus
7 years ago

Thanks for your works! :)

It has been added in 4.9 release?

#8 in reply to: ↑ 7 @petertoi
7 years ago

Replying to Neustradamus:

It has been added in 4.9 release?

No, it hasn't been reviewed yet. And may need tests too. Now that 4.9 is out the door there's a good window to bring this up in the #core Slack channel and see what folks think is required to get it in a future release.

@petertoi
7 years ago

Confirmed against updated coding standards. Updated @since.

#9 @DrewAPicture
7 years ago

  • Owner set to petertoi
  • Status changed from new to assigned

Assigning to mark the good-first-bug as "claimed".

#10 @Neustradamus
7 years ago

It is possible to have in several WordPress branches (not only 4.9.x and trunk)?

This ticket was mentioned in Slack in #core by petertoi. View the logs.


7 years ago

#12 @Clorith
7 years ago

I would just like to drop a consideration here that may or may not affect cache solutions.

Tools, such as Varnish at least, will read the existence of a cookie as a call to not cache a page by default. It's therefore common to add in rules to filter out certain cookies, in which you need to know what those cookies are.

If we start making cookie prefixes dynamic, we may essentially be invalidating many caching solutions which would impact site performances.

(This may not be an issue, but without knowing the cache configs everyone uses we can't make certain, and as such need to be careful about these kind of changes)

#13 @Neustradamus
6 years ago

Any news about it?

#14 @Neustradamus
6 years ago

It will be in 5.0?

#15 @Neustradamus
6 years ago

Happy new year 2019 to all!

Any news on it?

#16 @ka2
5 years ago

This is a feature that we definitely want you to implement.

Because other cookie names can be changed with a constant, but I think that it is impairing the extensibility of WordPress that wp-settings- {time}-{UID} cannot be changed only.

#17 @multidots1896
3 years ago

HI @Neustradamus
Here we can checkout the updated cookies
screenshot:https://prnt.sc/21ing63

@multidots1896
3 years ago

changes name to cookies,updated config file

Note: See TracTickets for help on using tickets.