Make WordPress Core

Opened 7 years ago

Closed 6 years ago

#7558 closed defect (bug) (fixed)

wp-login $redirect_to breaks tinyMCE under SSL

Reported by: bitethemailman Owned by:
Milestone: Priority: normal
Severity: major Version: 2.5
Component: General Keywords: wp-login tinymce ssl editor popup javascript https
Focuses: Cc:


SSL logins use https URLs that break the pre-initalization sequence for tinyMCE. once a login is successful, the redirect uses a shorthand URL leading to the dashboard. this shorthand fails to remove the "S" from the "https".

The problem went something like this: when a user tried to view a popup window in tinyMCE, a blank popup would appear, and the error console (oh, glorious firebug and safari consoles) would display a confusing version of a javascript security warning, saying that it refused to pull up a non-secured function from a secure requesting URL. The fix is as follows.

In version 2.5, wp-login.php edits:

line 347 old:

$redirect_to = 'wp-admin/';


$redirect_to = get_option('siteurl') . '/wp-admin/';

don't miss the new leading slash.
Hope this helps!

Change History (1)

comment:1 @Denis-de-Bernardy6 years ago

  • Resolution set to fixed
  • Status changed from new to closed

This is fixed since WP 2.6 as far as I can tell.

Note: See TracTickets for help on using tickets.