[wp-trac] [WordPress Trac] #32567: Cookies not being deleted.

WordPress Trac noreply at wordpress.org
Thu Jun 4 15:31:06 UTC 2015 

#32567: Cookies not being deleted.
--------------------------+-----------------------------
 Reporter:  shanee        |      Owner:
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  General       |    Version:  4.2.2
 Severity:  normal        |   Keywords:
  Focuses:                |
--------------------------+-----------------------------
 Hello. I noticed that a Wordpress site I had was storing 53 cookies on my
 computer.

 Internet Explorer only allows a domain name to set 50 so this would cause
 issues (potentially being very hard to debug).

 20 of these cookies are from Wordpress "wp-settings-" and "wp-settings-
 time-" cookies.

 I think that these cookies should be deleted after you log out rather than
 persisting (as they are stored in a database anyway).

 Below is a patch that would delete these on log out. (It's a change to the
 wp_clear_auth_cookie function.)
 {{{
 Index: wp-includes/pluggable.php
 ===================================================================
 --- wp-includes/pluggable.php   (revision 31001)
 +++ wp-includes/pluggable.php   (working copy)
 @@ -937,6 +937,8 @@
          */
         do_action( 'clear_auth_cookie' );

 +       setcookie( 'wp-settings-time-' . get_current_user_id(), ' ',
 time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
 +       setcookie( 'wp-settings-' . get_current_user_id(), ' ', time() -
 YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
         setcookie( AUTH_COOKIE,        ' ', time() - YEAR_IN_SECONDS,
 ADMIN_COOKIE_PATH,   COOKIE_DOMAIN );
         setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS,
 ADMIN_COOKIE_PATH,   COOKIE_DOMAIN );
         setcookie( AUTH_COOKIE,        ' ', time() - YEAR_IN_SECONDS,
 PLUGINS_COOKIE_PATH, COOKIE_DOMAIN );
 }}}

 I'm sorry if this is a bit messy. Additionally, sorry if this is the
 intended behaviour.

 Kind regards,
 Shanee Vanstone.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/32567>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list