[wp-trac] Re: [WordPress Trac] #10267: Login form SSL is confusing
WordPress Trac
wp-trac at lists.automattic.com
Thu Jun 25 11:01:20 GMT 2009
#10267: Login form SSL is confusing
-------------------------------+--------------------------------------------
Reporter: Denis-de-Bernardy | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: 2.8.1
Component: Security | Version:
Severity: normal | Keywords: has-patch
-------------------------------+--------------------------------------------
Comment(by Denis-de-Bernardy):
the issue is this, in site_url:
{{{
$scheme = ( is_ssl() ? 'https' : 'http' );
}}}
the entire check might need to look like the following:
{{{
if ( 'login_post' == $scheme )
$scheme = ( force_ssl_login() || force_ssl_admin() ) ? 'https' :
'http';
elseif ( 'login' == $scheme )
$scheme = ( force_ssl_login() || force_ssl_admin() ) ? 'https' :
'http';
elseif ( ('admin' == $scheme) )
$scheme = force_ssl_admin() ? 'https' : 'http';
else
$scheme = is_ssl() ? 'https' : 'http';
}}}
but we might then end up needing an extra scheme for #10268 and the likes
of #10253.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10267#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list