[buddypress-trac] [BuddyPress] #4822: Login redirects to https when FORCE_ADMIN_SSL enabled

buddypress-trac noreply at wordpress.org
Thu Feb 14 07:08:02 UTC 2013


#4822: Login redirects to https when FORCE_ADMIN_SSL enabled
-------------------------------------------------+-------------------------
 Reporter:  will_c                               |       Owner:
     Type:  defect (bug)                         |      Status:  new
 Priority:  normal                               |   Milestone:  Future
Component:  Core                                 |  Release
 Severity:  normal                               |     Version:  1.7
 Keywords:  has-patch dev-feedback needs-        |  Resolution:
  testing needs-unit-tests                       |
-------------------------------------------------+-------------------------

Comment (by r-a-y):

 Just taking a quick look at will_c's patch and he actually
 [https://buddypress.trac.wordpress.org/browser/tags/1.6.4/bp-core/bp-core-
 filters.php#L153 duplicates a bit of code in bp_core_login_redirect()] and
 moves it into the logged-out conditional.

 I agree that we should probably use the passed `$redirect_to` variable for
 checks instead of `wp_get_referer()`.

 This ticket gives us a reason to audit this function.  (Also see #4199 for
 historical context.)

-- 
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/4822#comment:2>
BuddyPress <http://buddypress.org/>
BuddyPress


More information about the buddypress-trac mailing list