Set the secure flag on the wp-saving-post cookie when using HTTPS.

This cookie doesn't contain any sensitive information, but this change brings its behaviour in line with all other core cookies.

Fixes #31056

Built from https://develop.svn.wordpress.org/trunk@34027


git-svn-id: http://core.svn.wordpress.org/trunk@33996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
John Blackbourn 2015-09-10 22:42:23 +00:00
parent 5918b30cdd
commit 9bf86a74d0
4 changed files with 5 additions and 4 deletions

View File

@ -190,7 +190,7 @@ case 'editpost':
// Session cookie flag that the post was saved
if ( isset( $_COOKIE['wp-saving-post'] ) && $_COOKIE['wp-saving-post'] === $post_id . '-check' ) {
setcookie( 'wp-saving-post', $post_id . '-saved', time() + DAY_IN_SECONDS );
setcookie( 'wp-saving-post', $post_id . '-saved', time() + DAY_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, is_ssl() );
}
redirect_post($post_id); // Send user on their way while we keep working

View File

@ -286,7 +286,8 @@ window.autosave = function() {
});
}
wpCookies.set( 'wp-saving-post', post_id + '-check', 24 * 60 * 60 );
var secure = ( 'https:' === window.location.protocol );
wpCookies.set( 'wp-saving-post', post_id + '-check', 24 * 60 * 60, false, false, secure );
});
}

File diff suppressed because one or more lines are too long

View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.4-alpha-34026';
$wp_version = '4.4-alpha-34027';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.