[wp-trac] [WordPress Trac] #17728: User loses logged_in cookie but not other auth cookies
WordPress Trac
wp-trac at lists.automattic.com
Wed Jun 8 20:20:03 UTC 2011
#17728: User loses logged_in cookie but not other auth cookies
----------------------------+------------------------------
Reporter: mintindeed | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version: 3.1.2
Severity: normal | Resolution:
Keywords: |
----------------------------+------------------------------
Comment (by nacin):
One cookie -- for wp-content/plugins -- is for compatibility, see [8209].
Separating the other two are important. The admin cookie would normally
handle the entire site, but for security purposes this privileged cookie
is restricted to /wp-admin/. Thus the generic logged-in unprivileged
cookie handles the frontend. It actually doesn't have to do with SSL,
which introduces additional complexity all on tis own.
> we have worked with WP support to resolve it
Link? Or are you referring to WordPress.com, the separate hosted service?
With regards to the bug, not a clue what would cause this. We set and
destruct these cookies all at the same time. That said, we could check for
the existence of wordpress_logged_in_* on the backend, and set it if for
some reason it is missing.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/17728#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list