[wp-trac] [WordPress Trac] #47480: Set expiration of the recovery mode cookie
WordPress Trac
noreply at wordpress.org
Tue Jun 4 15:08:15 UTC 2019
#47480: Set expiration of the recovery mode cookie
-------------------------+-----------------------------
Reporter: david.binda | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 5.2
Severity: normal | Keywords:
Focuses: |
-------------------------+-----------------------------
The recovery mode cookie is set with no expiration, but any request
containing a recovery mode cookie is handled by WordPress as a request
which is attempting to enter the recovery mode and the validity of the
cookie is being checked during the request processing, which includes a
expiration of the cookie (by default set to a week).
It means that whenever a recovery mode is entered and not properly existed
via a button in wp-admin, the recovery cookie stays in the browser and
WordPress would eventually presents a `wp_die` error page to a user who
did not exit the recovery mode by expected path. The UI is quite rough, as
it requires the user to manually reload the page in order to access their
WordPress site again.
It feels like such an edge-case could be mitigated by setting the cookie's
expiration to the same amount of time for which the token in it is valid -
eg.: to a week by default.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47480>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list