Make WordPress Core

Opened 16 years ago

Closed 15 years ago

#7546 closed defect (bug) (fixed)

Secret key generator wrongly escapes double-quote

Reported by: thenlich's profile thenlich Owned by: matt's profile matt
Milestone: Priority: normal
Severity: normal Version:
Component: WordPress.org Site Keywords:
Focuses: Cc:

Description

The generator at http://api.wordpress.org/secret-key/1.1/ escapes the double-quote character with a backslash, e.g.

define('AUTH_KEY', '... x&m\"\'0RJ ...}');
...

Since only the single-quote and backslash can be escaped that way in a single-quoted string, the backslash will be included verbally in the string.

This will reduce randomness by a small amount and will make the string longer than 64 characters.

Change History (3)

#1 @Denis-de-Bernardy
15 years ago

still current

#2 @ryan
15 years ago

No quotes should show in the 1.1 version anymore. 1.0 still shows them and escapes them.

#3 @Denis-de-Bernardy
15 years ago

  • Resolution set to fixed
  • Status changed from new to closed

oh, right. i played with both earlier today. =P

Note: See TracTickets for help on using tickets.