Make WordPress Core

Opened 2 years ago

Closed 17 months ago

#44175 closed defect (bug) (fixed)

Privacy Policy Guide Text Incorrect Regarding Setting of Test Cookie

Reported by: mechter Owned by: garrett-eclipse
Milestone: 5.2 Priority: normal
Severity: normal Version: 4.9.6
Component: Privacy Keywords: has-patch commit
Focuses: Cc:


The new privacy policy guide text states:

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies.

This is incorrect. The test cookie is set regardless of whether a site visitor has an account or not and it is not set upon logging in, but on visiting wp-login.php with or without intention to log in.

Suggested fix:

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies.

Attachments (2)

44175.diff (1.9 KB) - added by subrataemfluence 2 years ago.
44175.2.diff (1.6 KB) - added by garrett-eclipse 17 months ago.
Refreshed patch w/ approved text

Download all attachments as: .zip

Change History (17)

#1 @SergeyBiryukov
2 years ago

  • Milestone changed from Awaiting Review to 4.9.7

I wonder if we could change the behavior to match the text, so that the test cookie is only set upon trying to log in, as that probably makes more sense. I'd be more comfortable with doing that in a major release though.

For 4.9.7, let's change the text to match the current behaviour.

#2 @subrataemfluence
2 years ago

  • Keywords has-patch added

I agree with @SergeyBiryukov that the cookie should be set on login. This is not very feasible to set it on visiting login page irrespective of the further action taken by the user. As of now, as suggested, here is the patch to change the text to match the present text.

Will work on the login script so that the cookie is set after login is successfully done.

#3 @desrosj
2 years ago

  • Milestone changed from 4.9.7 to 4.9.8

Moving all tickets in 4.9.7 to 4.9.8.

This ticket was mentioned in Slack in #core-privacy by desrosj. View the logs.

2 years ago

#5 @desrosj
2 years ago

  • Milestone changed from 4.9.8 to 4.9.9

#6 @subrataemfluence
2 years ago

@desrosj, @SergeyBiryukov Since the milestone has now been changed to 4.9.9 may I try my hand on the login script?

This ticket was mentioned in Slack in #core-privacy by desrosj. View the logs.

2 years ago

#8 @desrosj
2 years ago

  • Keywords needs-refresh added

@subrataemfluence Sure, you can try any time! The work can happen asynchronously. :)

44175.diff does need to be refreshed, though, as it does not apply to trunk correctly. We discussed the text change in the most recent Privacy component bug scrub and all were happy with the suggested change for 4.9.9.

#9 @subrataemfluence
2 years ago

@desrosj Thank you so much!

Out of curiosity I would like to know about the problem with the patch which prevented it to be applied to trunk. :)

This ticket was mentioned in Slack in #core-privacy by desrosj. View the logs.

23 months ago

#11 @pento
22 months ago

  • Milestone changed from 4.9.9 to Future Release

This ticket was mentioned in Slack in #core-privacy by webdevlaw. View the logs.

22 months ago

#13 @garrett-eclipse
19 months ago

Hi @subrataemfluence

I attempted to apply the patch to trunk using grunt patch:44175 and got the following error;

Running "patch:44175" (patch) task
can't find file to patch at input line 5
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
|diff --git a/var/www/wp-projects/wp-trunk/trunk/src/wp-admin/includes/misc.php b/misc.php
|index 1d86158..a419cf3 100755
|--- a/var/www/wp-projects/wp-trunk/trunk/src/wp-admin/includes/misc.php
|+++ b/misc.php

This looks to be occurring due to the patch having been made at a directory above the project a/var/www/wp-projects/wp-trunk/. You'll probably just have to reapply the change and re-create the patch from the root of your WP checkout.

Checkout - https://make.wordpress.org/core/handbook/tutorials/working-with-patches/

And I use this to install WP directory - https://make.wordpress.org/core/handbook/tutorials/installing-wordpress-locally/from-svn/

My personal workflow that works nicely is;

  1. Create new folder, navigate into it.
  2. Checkout the repo - svn co https://develop.svn.wordpress.org/trunk/ .
  3. Install the modules - npm install
  4. Make my changes.
  5. Create a patch from the root of the new folder - svn diff src > #####.diff
  6. Test the patch by building - grunt build, then setting up database and site.
  7. When happy upload patch - grunt upload_patch:#####

I hope that helps, find me on Slack if you get stuck.

Thanks for the patch

17 months ago

Refreshed patch w/ approved text

#14 @garrett-eclipse
17 months ago

  • Keywords commit added; needs-refresh removed
  • Milestone changed from Future Release to 5.2
  • Owner set to garrett-eclipse
  • Status changed from new to assigned

Hi @subrataemfluence thank you for the initial patch.

I've refreshed it in 44175.2.diff to apply cleanly to trunk.
I've moved this to commit in 5.2 as it's a minor fix.

I've also created #46618 as an enhancement to account for moving the Test Cookie logic into the login action rather than the login page visit.


#15 @SergeyBiryukov
17 months ago

  • Resolution set to fixed
  • Status changed from assigned to closed

In 44987:

Privacy: Update default privacy policy text to match the current behavior of setting a temporary cookie on visiting the login page.

Props mechter, subrataemfluence, garrett-eclipse.
Fixes #44175.

Note: See TracTickets for help on using tickets.