[wp-trac] [WordPress Trac] #52639: Add proper Security Attributes to the Cookies set by WordPress
WordPress Trac
noreply at wordpress.org
Wed Feb 24 15:10:08 UTC 2021
#52639: Add proper Security Attributes to the Cookies set by WordPress
-------------------------------+-------------------------------
Reporter: isaumya | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version:
Severity: normal | Resolution:
Keywords: reporter-feedback | Focuses: coding-standards
-------------------------------+-------------------------------
Comment (by isaumya):
Another wired thing I saw is that when I am visiting lets say `/wp-
login.php?redirect_to=https%3A%2F%2Fex.example.tech%2Fwp-
admin%2F&reauth=1` which is where a page redirects after you just hit
`/wp-admin/` Among all the cookies I see there only the test cookie has
Secure in it. I am looking at the response header of the page:
[[Image(https://i.imgur.com/KtEZJsq.png)]]
I have no idea why this is happening. They're supposed to be `secure`
there at the end. It's a blank testing site on Kinsta. So, there is
nothing that can be creating this. It's simply vanilla WP Core. If you
want I can share the test site URL.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/52639#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list