Make WordPress Core

Changes between Initial Version and Version 1 of Ticket #48119


Ignore:
Timestamp:
09/24/2019 07:54:33 AM (5 years ago)
Author:
johnbillion
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #48119

    • Property Version changed from trunk to
  • Ticket #48119 – Description

    initial v1  
    1 When renaming the WordPress cookies to use the __Host- or __Secure- cookie prefix, logging out no longer works. The wp_clear_auth_cookie() function needs to use the "Secure" cookie flag to ensure that modern browsers will allow in to overwrite the login cookies when cookie prefixes are used.
     1When renaming the WordPress cookies to use the `__Host-` or `__Secure-` cookie prefix, logging out no longer works. The wp_clear_auth_cookie() function needs to use the "Secure" cookie flag to ensure that modern browsers will allow in to overwrite the login cookies when cookie prefixes are used.
    22
    33How to reproduce:
     
    551. Use HTTPS
    662. Set cookie prefixes in wp_config.php:
     7{{{
    78if (@$_SERVER['HTTPS'] == 'on') {
    89  define( 'COOKIEHASH',           md5( WP_HOME ) );
     
    1920  define( 'PLUGINS_COOKIE_PATH',  '/' );
    2021}
     22}}}
    2123
    22243. Login