[wp-trac] Re: [WordPress Trac] #8212: generate/validate_auth_cookie
doesn't always check scheme
WordPress Trac
wp-trac at lists.automattic.com
Fri Nov 14 11:25:33 GMT 2008
#8212: generate/validate_auth_cookie doesn't always check scheme
------------------------+---------------------------------------------------
Reporter: tellyworth | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.8
Component: General | Version:
Severity: normal | Resolution:
Keywords: |
------------------------+---------------------------------------------------
Comment (by tellyworth):
unique-salt-r9678.patch fixes the problem by providing a fallback salt
value that's unique to each auth scheme.
Unit tests are in http://svn.automattic.com/wordpress-tests/wp-
testcase/test_includes_pluggable.php TestAuthFunctions. There's one
failure before the patch, all pass afterwards.
I made a typo in one of the examples above (-3600 instead of +3600) but
the unit tests in svn are correct.
--
Ticket URL: <http://trac.wordpress.org/ticket/8212#comment:1>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list