[wp-trac] [WordPress Trac] #19723: Setting only SSL_Login does not force SSL Login
WordPress Trac
wp-trac at lists.automattic.com
Tue Jan 10 04:01:39 UTC 2012
#19723: Setting only SSL_Login does not force SSL Login
--------------------------+----------------------
Reporter: ccolotti | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Security | Version: 3.3
Severity: normal | Resolution: wontfix
Keywords: has-patch |
--------------------------+----------------------
Changes (by ryan):
* status: new => closed
* resolution: => wontfix
* milestone: Awaiting Review =>
Comment:
This is done as part of the support for allowing logins over https or
http. Visiting wp-login.php via https results in SSL-only cookies and
redirection to the https admin. Visiting wp-login.php via http results on
non-SSL cookies and redirection to the http admin. Currently, those who
want wp-login.php to always be delivered over SLL must FORCE_SSL_ADMIN or
use a plugin.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/19723#comment:4>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list