[wp-trac] [WordPress Trac] #29095: The get/set_user_setting fails on multisite/network with sub-domains
WordPress Trac
noreply at wordpress.org
Wed Aug 13 03:34:16 UTC 2014
#29095: The get/set_user_setting fails on multisite/network with sub-domains
--------------------------------+-----------------------
Reporter: azaozz | Owner: azaozz
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: 4.0
Component: Options, Meta APIs | Version:
Severity: normal | Resolution:
Keywords: | Focuses:
--------------------------------+-----------------------
Comment (by azaozz):
[29478] reverts most of [29362] keeping only whitespace/braces changes and
adds `secure` when setting the cookie from JS. The actual fix is removing
`COOKIE_DOMAIN` from the `'wp-settings-' . $user_id` cookies when setting
them from PHP. That was added in [28895] probably by mistake, and I missed
it the first time so [29362] didn't really fix it well.
When a cookie is set with a domain, the browsers send it to that domain
and to all sub-domains. When it is set without a domain, it is sent only
to the current domain, not to any sub-domains. So if we set a cookie from
`core.trac.wordpress.org` with a domain of `wordpress.org`, it will be
sent to all other sub-domains. However if we set the same cookie without a
domain, it will only be sent to the current site.
The same is true for the "root" domain. A cookie set on `wordpress.org`
with a domain of `wordpress.org` will be sent to all sub-domains. The same
cookie set without a domain will be sent only to `wordpress.org`. Some
info and links on
[http://en.wikipedia.org/wiki/HTTP_cookie#Domain_and_Path Wikipedia].
--
Ticket URL: <https://core.trac.wordpress.org/ticket/29095#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list