[wp-trac] [WordPress Trac] #32567: Cookies not being deleted.
WordPress Trac
noreply at wordpress.org
Mon Jun 19 18:01:15 UTC 2017
#32567: Cookies not being deleted.
--------------------------+--------------------------
Reporter: shanee | Owner: johnbillion
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 4.8
Component: Users | Version: 2.7
Severity: normal | Resolution: fixed
Keywords: has-patch | Focuses:
--------------------------+--------------------------
Comment (by lkraav):
@johnbillion I'm fairly certain we have a regression with [40580]. iThemes
Security Pro is now infinite looping when auth cookie becomes expired.
Specifically, their `core/modules/hide-backend/class-itsec-hide-
backend.php` module does this:
{{{
add_action( 'auth_cookie_expired', array( $this, 'auth_cookie_expired' )
);
}}}
and then
{{{
/**
* Lets the module know that this is a reauthorization
*
* @since 4.1
*
* @return void
*/
public function auth_cookie_expired() {
$this->auth_cookie_expired = true;
wp_clear_auth_cookie();
}
}}}
I'm fairly certain that you calling `get_current_user_id()` in [40580]
triggers a cookie loop. Reverting this patch immediately restores correct
operation.
Your thoughts? I vote re-open and investigate.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32567#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list