[wp-trac] [WordPress Trac] #55230: Release 5.9.1 breaks administration login.
WordPress Trac
noreply at wordpress.org
Tue Feb 22 23:03:27 UTC 2022
#55230: Release 5.9.1 breaks administration login.
------------------------------------+-----------------------------
Reporter: carlduranleau | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 5.9.2
Component: Login and Registration | Version: 5.9.1
Severity: blocker | Resolution:
Keywords: needs-patch | Focuses: administration
------------------------------------+-----------------------------
Changes (by SergeyBiryukov):
* component: Administration => Login and Registration
* milestone: Awaiting Review => 5.9.2
Old description:
> The release 5.9.1 introduced a bug in script-loader.php with this new
> method:
>
> /**
> * Render the SVG filters supplied by theme.json.
> *
> * Note that this doesn't render the per-block user-defined
> * filters which are handled by wp_render_duotone_support,
> * but it should be rendered before the filtered content
> * in the body to satisfy Safari's rendering quirks.
> *
> * @since 5.9.1
> */
> function wp_global_styles_render_svg_filters() {
> return;
> /*
> * When calling via the in_admin_header action, we only want to
> render the
> * SVGs on block editor pages.
> */
> if (
> is_admin() &&
> ! get_current_screen()->is_block_editor()
> ) {
> return;
> }
>
> $filters = wp_get_global_styles_svg_filters();
> if ( ! empty( $filters ) ) {
> echo $filters;
> }
> }
>
> This method echos characters to the response stream before all "headers"
> and "cookies" have been pushed. This prevents the wp-login.php form to
> work properly because every calls to the "header" or "cookie" method then
> generates this warning: "Cannot modify header information – headers
> already sent by...”. This prevents the authentication cookie to be sent
> to the browser which breaks the authentication mechanism. To fix this
> issue, I had to add a "return;" in the new
> "wp_global_styles_render_svg_filters" method.
New description:
The release 5.9.1 introduced a bug in script-loader.php with this new
method:
{{{
/**
* Render the SVG filters supplied by theme.json.
*
* Note that this doesn't render the per-block user-defined
* filters which are handled by wp_render_duotone_support,
* but it should be rendered before the filtered content
* in the body to satisfy Safari's rendering quirks.
*
* @since 5.9.1
*/
function wp_global_styles_render_svg_filters() {
return;
/*
* When calling via the in_admin_header action, we only want to
render the
* SVGs on block editor pages.
*/
if (
is_admin() &&
! get_current_screen()->is_block_editor()
) {
return;
}
$filters = wp_get_global_styles_svg_filters();
if ( ! empty( $filters ) ) {
echo $filters;
}
}
}}}
This method echos characters to the response stream before all "headers"
and "cookies" have been pushed. This prevents the wp-login.php form to
work properly because every calls to the "header" or "cookie" method then
generates this warning: "Cannot modify header information – headers
already sent by...”. This prevents the authentication cookie to be sent to
the browser which breaks the authentication mechanism. To fix this issue,
I had to add a "return;" in the new "wp_global_styles_render_svg_filters"
method.
--
--
Ticket URL: <https://core.trac.wordpress.org/ticket/55230#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list