WordPress.org

Make WordPress Core

Opened 6 years ago

Closed 5 years ago

#7546 closed defect (bug) (fixed)

Secret key generator wrongly escapes double-quote

Reported by: thenlich Owned by: matt
Milestone: Priority: normal
Severity: normal Version:
Component: WordPress.org site Keywords:
Focuses: Cc:

Description

The generator at http://api.wordpress.org/secret-key/1.1/ escapes the double-quote character with a backslash, e.g.

define('AUTH_KEY', '... x&m\"\'0RJ ...}');
...

Since only the single-quote and backslash can be escaped that way in a single-quoted string, the backslash will be included verbally in the string.

This will reduce randomness by a small amount and will make the string longer than 64 characters.

Change History (3)

comment:1 Denis-de-Bernardy5 years ago

still current

comment:2 ryan5 years ago

No quotes should show in the 1.1 version anymore. 1.0 still shows them and escapes them.

comment:3 Denis-de-Bernardy5 years ago

  • Resolution set to fixed
  • Status changed from new to closed

oh, right. i played with both earlier today. =P

Note: See TracTickets for help on using tickets.