Make WordPress Core

Opened 13 years ago

Closed 6 years ago

#9873 closed defect (bug) (wontfix)

enforce a consistent home and siteurl www. pref

Reported by: Denis-de-Bernardy Owned by:
Milestone: Priority: normal
Severity: normal Version: 2.8
Component: Users Keywords: has-patch
Focuses: Cc:


Seen on a few sites. home and siteurl with inconsistent www prefs prevents the admin user's cookie from getting picked up properly, upon logging in.

code I currently use to prevent the issue is this:

add_action('login_head', 'fix_www_pref');

function fix_www_pref() {
	$home_url = get_option('home');
	$site_url = get_option('siteurl');
	$home_www = strpos($home_url, '://www.') !== false;
	$site_www = strpos($site_url, '://www.') !== false;
	if ( $home_www != $site_www ) {
		if ( $home_www )
			$site_url = str_replace('://', '://www.', $site_url);
			$site_url = str_replace('://www.', '://', $site_url);
		update_option('site_url', $site_url);
} # fix_www_pref()

there's probably a better way and a better location for this.

Attachments (2)

options.php.diff (1.4 KB) - added by norcross 10 years ago.
catch $_POST values for urls and check / replace if needed
9873.patch (754 bytes) - added by johnpbloch 8 years ago.
Explicit COOKIE_DOMAIN for www inconsistency

Download all attachments as: .zip

Change History (17)

#1 @Denis-de-Bernardy
13 years ago

  • Milestone changed from 2.8 to Future Release

punting pending patch

#2 @Denis-de-Bernardy
12 years ago

see also #10095 (closed issue), which highlights a side-effect

#3 @Denis-de-Bernardy
12 years ago

see also #10447 for more potential side effects

#4 @hakre
12 years ago

Related: #10970

#5 @scribu
12 years ago

Related: #11945

#6 @mikeschinkel
12 years ago

  • Cc mikeschinkel@… added

#7 @nacin
10 years ago

Closed #20430 as a duplicate.

#8 @SergeyBiryukov
10 years ago

Crops up on support forums once in a while.

10 years ago

catch $_POST values for urls and check / replace if needed

#9 @norcross
10 years ago

  • Cc andrew@… added
  • Keywords has-patch added
  • Type changed from enhancement to defect (bug)
  • Version changed from 2.8 to 3.4

#10 @helenyhou
10 years ago

  • Version changed from 3.4 to 2.8

Version number indicates when the bug was initially introduced/reported.

#11 @Ipstenu
10 years ago

  • Cc ipstenu@… added

8 years ago

Explicit COOKIE_DOMAIN for www inconsistency

#12 @johnpbloch
8 years ago

  • Cc johnpbloch@… added

It seems to me that overriding a user's chosen preference in the options table is the wrong way to fix this bug. Since the problem is that it causes inconsistencies in cookie behavior, it makes more sense to me to fix this issue by forcing a value for COOKIE_DOMAIN if a www. inconsistency is detected.

This ticket was mentioned in IRC in #wordpress-dev by ipstenu. View the logs.

8 years ago

#14 @chriscct7
6 years ago

  • Keywords dev-feedback added

#15 @johnbillion
6 years ago

  • Keywords dev-feedback removed
  • Milestone Future Release deleted
  • Resolution set to wontfix
  • Status changed from new to closed

I struggle to believe that this is such a common occurrence that core needs to handle this.

In addition, both of the proposed solutions will break sites which use a different domain name for home and siteurl (eg. www.example.com and admin.example.com).

Feel free to re-open if there's a common situation which leads to this that I'm not accounting for, and/or if someone wants to write a comprehensive patch with unit tests.

Note: See TracTickets for help on using tickets.