[wp-trac] [WordPress Trac] #19599: Localizations should not need to worry about the default secret key
WordPress Trac
wp-trac at lists.automattic.com
Thu May 24 21:22:11 UTC 2012
#19599: Localizations should not need to worry about the default secret key
----------------------------+-----------------------
Reporter: nacin | Owner: nacin
Type: task (blessed) | Status: reopened
Priority: high | Milestone: 3.4
Component: I18N | Version: 3.4
Severity: blocker | Resolution:
Keywords: has-patch |
----------------------------+-----------------------
Comment (by nacin):
In [20887]:
{{{
#!CommitTicketReference repository="" revision="20887"
When auth_redirect() detects a logged out user and the target
page was about.php?updated, then issue a message welcoming them.
This is to prevent it from being so jolting if you are taken to
the login screen after an update.
In WordPress 3.4, the changes to wp_salt() provide for extra
security, but will cause a log-out for any installs without 8
unique keys and salts in wp-config.php (with some exceptions).
Properly re-issuing cookies, even for the logged in user, is
not easily doable via admin/includes/update-core.php, as that
file is included long after the headers are sent.
see #19599.
}}}
--
Ticket URL: <http://core.trac.wordpress.org/ticket/19599#comment:17>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list