Make WordPress Core

Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#43843 closed defect (bug) (fixed)

Set nocache_headers in wp-signup.php

Reported by: herregroen's profile herregroen Owned by: sergeybiryukov's profile SergeyBiryukov
Milestone: 4.9.6 Priority: normal
Severity: normal Version: 5.1
Component: Login and Registration Keywords: has-patch
Focuses: multisite Cc:

Description

Currently no cache headers are being set on wp-signup.php.

This can lead to nonces being cached and still being served even when they've become invalid.

nocache_headers(); should be called in this file.

Attachments (1)

signup_cache_headers.patch (459 bytes) - added by herregroen 6 years ago.

Download all attachments as: .zip

Change History (4)

#1 @SergeyBiryukov
6 years ago

  • Milestone changed from Awaiting Review to 4.9.6
  • Owner set to SergeyBiryukov
  • Status changed from new to reviewing

#2 @SergeyBiryukov
6 years ago

  • Resolution set to fixed
  • Status changed from reviewing to closed

In 43030:

Login and Registration: Send nocache_headers() on Multisite signup pages.

Props herregroen.
Fixes #43843.

#3 @SergeyBiryukov
6 years ago

In 43031:

Login and Registration: Send nocache_headers() on Multisite signup pages.

Props herregroen.
Merges [43030] to the 4.9 branch.
Fixes #43843.

Note: See TracTickets for help on using tickets.