[buddypress-trac] [BuddyPress Trac] #6528: bp_verify_nonce_request() not working correctly for those using a port in URL
buddypress-trac
noreply at wordpress.org
Wed Jun 24 08:47:54 UTC 2015
#6528: bp_verify_nonce_request() not working correctly for those using a port in
URL
------------------------------+-----------------------------
Reporter: r-a-y | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Component - Core | Version: 1.6
Severity: normal | Keywords:
------------------------------+-----------------------------
When a site is using a port for their home URL,
`bp_verify_nonce_request()` can sometimes fail.
bp_verify_nonce_request() fails if these two conditions are met:
* WordPress is installed in a subdirectory
* Site is using a port number in the WP home URL
See:
https://buddypress.org/support/topic/bp_verify_nonce_request-not-
working/#post-241018
In that user's debugging, the port is duplicated twice due to
`$_SERVER['HTTP_HOST']` including the port number and we're appending the
port number again with `$_SERVER['SERVER_PORT']`.
Attached patch only appends `$_SERVER['SERVER_PORT']` if
`$_SERVER['HTTP_HOST']` does not already include the port number.
Patch also includes a unit test describing the above use case.
I can write more unit tests if desired.
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/6528>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac
More information about the buddypress-trac
mailing list