Make WordPress Core

Opened 7 years ago

Closed 8 weeks ago

#9873 closed defect (bug) (wontfix)

enforce a consistent home and siteurl www. pref

Reported by: Denis-de-Bernardy Owned by:
Milestone: Priority: normal
Severity: normal Version: 2.8
Component: Users Keywords: has-patch
Focuses: Cc:


Seen on a few sites. home and siteurl with inconsistent www prefs prevents the admin user's cookie from getting picked up properly, upon logging in.

code I currently use to prevent the issue is this:

add_action('login_head', 'fix_www_pref');

function fix_www_pref() {
	$home_url = get_option('home');
	$site_url = get_option('siteurl');
	$home_www = strpos($home_url, '://www.') !== false;
	$site_www = strpos($site_url, '://www.') !== false;
	if ( $home_www != $site_www ) {
		if ( $home_www )
			$site_url = str_replace('://', '://www.', $site_url);
			$site_url = str_replace('://www.', '://', $site_url);
		update_option('site_url', $site_url);
} # fix_www_pref()

there's probably a better way and a better location for this.

Attachments (2)

options.php.diff (1.4 KB) - added by norcross 4 years ago.
catch $_POST values for urls and check / replace if needed
9873.patch (754 bytes) - added by johnpbloch 2 years ago.
Explicit COOKIE_DOMAIN for www inconsistency

Download all attachments as: .zip

Change History (17)

#1 @Denis-de-Bernardy
7 years ago

  • Milestone changed from 2.8 to Future Release

punting pending patch

#2 @Denis-de-Bernardy
6 years ago

see also #10095 (closed issue), which highlights a side-effect

#3 @Denis-de-Bernardy
6 years ago

see also #10447 for more potential side effects

#4 @hakre
6 years ago

Related: #10970

#5 @scribu
6 years ago

Related: #11945

#6 @mikeschinkel
6 years ago

  • Cc mikeschinkel@… added

#7 @nacin
4 years ago

Closed #20430 as a duplicate.

#8 @SergeyBiryukov
4 years ago

Crops up on support forums once in a while.

4 years ago

catch $_POST values for urls and check / replace if needed

#9 @norcross
4 years ago

  • Cc andrew@… added
  • Keywords has-patch added
  • Type changed from enhancement to defect (bug)
  • Version changed from 2.8 to 3.4

#10 @helenyhou
4 years ago

  • Version changed from 3.4 to 2.8

Version number indicates when the bug was initially introduced/reported.

#11 @Ipstenu
4 years ago

  • Cc ipstenu@… added

2 years ago

Explicit COOKIE_DOMAIN for www inconsistency

#12 @johnpbloch
2 years ago

  • Cc johnpbloch@… added

It seems to me that overriding a user's chosen preference in the options table is the wrong way to fix this bug. Since the problem is that it causes inconsistencies in cookie behavior, it makes more sense to me to fix this issue by forcing a value for COOKIE_DOMAIN if a www. inconsistency is detected.

This ticket was mentioned in IRC in #wordpress-dev by ipstenu. View the logs.

22 months ago

#14 @chriscct7
8 weeks ago

  • Keywords dev-feedback added

#15 @johnbillion
8 weeks ago

  • Keywords dev-feedback removed
  • Milestone Future Release deleted
  • Resolution set to wontfix
  • Status changed from new to closed

I struggle to believe that this is such a common occurrence that core needs to handle this.

In addition, both of the proposed solutions will break sites which use a different domain name for home and siteurl (eg. www.example.com and admin.example.com).

Feel free to re-open if there's a common situation which leads to this that I'm not accounting for, and/or if someone wants to write a comprehensive patch with unit tests.

Note: See TracTickets for help on using tickets.