[wp-trac] [WordPress Trac] #29294: There may be lots of 'wp-saving-post-*' left-over/stale cookies
WordPress Trac
noreply at wordpress.org
Thu Aug 21 21:43:20 UTC 2014
#29294: There may be lots of 'wp-saving-post-*' left-over/stale cookies
--------------------------+------------------
Reporter: azaozz | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 4.0
Component: Autosave | Version:
Severity: normal | Resolution:
Keywords: | Focuses:
--------------------------+------------------
Comment (by azaozz):
Yeah, `max-age: [seconds];` would work better than `expires: [GMT date]`
for these cookies. However setting a cookie with `header( 'Set-Cookie:
...' )` [http://stackoverflow.com/questions/5499476/is-it-ok-to-send-
cookie-headers-directly-with-header-calls may interfere] with using
`setcookie()` (to set other cookies) at least in some PHP versions since
5.2.4.
As these cookies are non-critical, perhaps better not to use that as it
may cause bugs that will be very hard to find.
The worst case scenario here (no cookie) means that we will be comparing
post title, content and excerpt to the data saved in sessionStorage. In
some cases that triggers false positives. A proper cookie also triggers
removal of the data from sessionStorage, however (thankfully) it seems
sessionStorage is emptied properly on quitting the browser, i.e. it is
unaffected by the above browser settings.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/29294#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list