
Commit 9908d4a

committed
Add some cookie filters to allow plugins more control over SSL cookie delivery. see #15330
git-svn-id: https://develop.svn.wordpress.org/trunk@17227 602fd350-edb4-49c9-b593-d223f7449a82
1 parent 0c2c9f2 commit 9908d4a

2 files changed

Lines changed: 11 additions & 4 deletions


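--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -671,6 +671,9 @@ function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
 if ( '' === $secure )
 $secure = is_ssl();
 
+$secure = apply_filters('secure_auth_cookie', $secure, $user_id);
+$secure_logged_in_cookie = apply_filters('secure_logged_in_cookie', false, $user_id, $secure);
+
 if ( $secure ) {
 $auth_cookie_name = SECURE_AUTH_COOKIE;
 $scheme = 'secure_auth';
@@ -689,18 +692,18 @@ function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
 if ( version_compare(phpversion(), '5.2.0', 'ge') ) {
 setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN, $secure, true);
 setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, $secure, true);
-setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN, false, true);
+setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN, $secure_logged_in_cookie, true);
 if ( COOKIEPATH != SITECOOKIEPATH )
-setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, false, true);
+setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, $secure_logged_in_cookie, true);
 } else {
 $cookie_domain = COOKIE_DOMAIN;
 if ( !empty($cookie_domain) )
 $cookie_domain .= '; HttpOnly';
 setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, $cookie_domain, $secure);
 setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, $cookie_domain, $secure);
-setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, $cookie_domain);
+setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, $cookie_domain, $secure_logged_in_cookie);
 if ( COOKIEPATH != SITECOOKIEPATH )
-setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, $cookie_domain);
+setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, SITECOOKIEPATH, $cookie_domain, $secure_logged_in_cookie);
 }
 }
 endif;
@@ -764,6 +767,8 @@ function auth_redirect() {
 
 $secure = ( is_ssl() || force_ssl_admin() );
 
+$secure = apply_filters('secure_auth_redirect', $secure);
+
 // If https is required and request is http, redirect
 if ( $secure && !is_ssl() && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) {
 if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {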
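Review bot: The new filters in this file carry no documentation, and for `secure_auth_cookie` in the first hunk the security consequence is easy to miss: a callback that returns a falsy value on an HTTPS request skips the `SECURE_AUTH_COOKIE` branch and hands a falsy `$secure` to every `setcookie()` call for the auth cookie, so it is issued without the Secure attribute. `secure_logged_in_cookie` starts from a hard-coded `false` rather than from `$secure`, so on an HTTPS login the logged-in cookie still goes out without Secure unless a plugin opts in. I would put a comment above the call, for example `// Returning false here issues the auth cookie without the Secure flag, even on an HTTPS request.`, and cast the result so a callback that forgets to return cannot leak a non-boolean into `setcookie()`: `$secure = (bool) apply_filters('secure_auth_cookie', $secure, $user_id);`. The same applies to `secure_auth_redirect` in the auth_redirect() hunk, where a falsy return skips the https redirect even though `force_ssl_admin()` was true. Both functions start and end outside the hunks shown.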

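--- a/wp-includes/user.php
+++ b/wp-includes/user.php
@@ -43,6 +43,8 @@ function wp_signon( $credentials = '', $secure_cookie = '' ) {
 if ( '' === $secure_cookie )
 $secure_cookie = is_ssl();
 
+$secure_cookie = apply_filters('secure_signon_cookie', $secure_cookie, $credentials);
+
 global $auth_secure_cookie; // XXX ugly hack to pass this to wp_authenticate_cookie
 $auth_secure_cookie = $secure_cookie;
 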
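Review bot: `secure_signon_cookie` passes the whole `$credentials` value to every callback, and if that array already holds the submitted password at this point (it is populated above the hunk, outside what is shown), any plugin hooked on this filter receives it in clear text. A decision about the Secure flag should not need the password, so I would either pass only the login name or document the exposure with a comment such as `// $credentials may contain the plaintext password; callbacks must not log or persist it.` The filtered value is also copied into the `$auth_secure_cookie` global a few lines later, so a non-boolean return propagates there; a `(bool)` cast on the `apply_filters()` result would keep it well-typed. wp_signon() starts and ends outside the hunk.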
