[wp-trac] [WordPress Trac] #62273: Referrer-Policy header missing in login
WordPress Trac
noreply at wordpress.org
Tue Oct 22 10:40:08 UTC 2024
#62273: Referrer-Policy header missing in login
--------------------------+---------------------
Reporter: kkmuffme | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 6.8
Component: Security | Version: 4.9
Severity: critical | Resolution:
Keywords: | Focuses:
--------------------------+---------------------
Changes (by SergeyBiryukov):
* milestone: Awaiting Review => 6.8
Old description:
> https://github.com/WordPress/wordpress-
> develop/commit/bd6ee706d0f47e3be9b5dfb66982f82e9bfda580 from
> https://core.trac.wordpress.org/ticket/42036
>
> added the Referrer-Policy header on wp-admin and the login page.
>
> However this does not (and from what I can see) has never worked on wp-
> login.
> It's hooked to `add_action( 'login_init', 'wp_admin_headers' );` but the
> `wp_admin_headers` function is not loaded on the login page, as only gets
> loaded in wp-admin.
>
> @johnbillion
New description:
[41741] from #42036 added the Referrer-Policy header on wp-admin and the
login page.
However this does not (and from what I can see) has never worked on wp-
login.
It's hooked to `add_action( 'login_init', 'wp_admin_headers' );` but the
`wp_admin_headers` function is not loaded on the login page, as only gets
loaded in wp-admin.
@johnbillion
--
--
Ticket URL: <https://core.trac.wordpress.org/ticket/62273#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list