[wp-trac] [WordPress Trac] #32413: Including http://*. in $_GET variable breaks user session
WordPress Trac
noreply at wordpress.org
Fri May 15 16:43:34 UTC 2015
#32413: Including http://*. in $_GET variable breaks user session
--------------------------+------------------------------
Reporter: zergling81 | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 4.2.2
Severity: normal | Resolution: invalid
Keywords: | Focuses:
--------------------------+------------------------------
Changes (by zergling81):
* status: new => closed
* resolution: => invalid
Comment:
This looks to be a hosting environment issue and not a Wordpress issue -
my reproduction works reliably on Hostgator shared hosting, but not on my
local server. On Bluehost Wordpress hosting, "http://*." does not cause
problems - but a range of popular file suffixes (.jpg, .jpeg, .png, .pdf,
.mp3 but NOT .doc, .aiff, .tiff) in the variable value produce the exact
same behavior.
With this knowledge in hand, I have managed to elicit the behavior from a
4.1.5 install as well as a generic HTML page. So, it's somebody's issue,
but not a WP bug, contrary to prior appearances.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32413#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list