[wp-trac] [WordPress Trac] #22705: Admin cookies set to wrong path for main blog in a WP-in-subdir-sites-on-root install that uses subdomains
WordPress Trac
noreply at wordpress.org
Mon Dec 3 23:26:40 UTC 2012
#22705: Admin cookies set to wrong path for main blog in a WP-in-subdir-sites-on-
root install that uses subdomains
-------------------------------------+------------------
Reporter: markjaquith | Owner:
Type: defect (bug) | Status: new
Priority: high | Milestone: 3.5
Component: Administration | Version:
Severity: blocker | Resolution:
Keywords: has-patch needs-testing |
-------------------------------------+------------------
Comment (by evansolomon):
Replying to [comment:2 nacin]:
> We'd basically need to force a new login for the network admin.
>
> The only alternative would be to relax the cookie security for these
networks, down to what subdirectory installs already do. It isn't ideal,
but it seems to work and is the least-impact change. (It also would only
affect new networks.)
I agree with this. More generous cookie paths seem like a much better
solution than multiple logins. I also don't think there's an actual
security concern, other than the security-by-obscurity of a slightly
different path.
Tested .2.diff and it works for me.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/22705#comment:5>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list