Set the secure flag on the wp-saving-post cookie when using HTTPS.
This cookie doesn't contain any sensitive information, but this change brings its behaviour in line with all other core cookies. Fixes #31056 Built from https://develop.svn.wordpress.org/trunk@34027 git-svn-id: http://core.svn.wordpress.org/trunk@33996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
John Blackbourn
@@ -286,7 +286,8 @@ window.autosave = function() {
|
||||
});
|
||||
}
|
||||
|
||||
wpCookies.set( 'wp-saving-post', post_id + '-check', 24 * 60 * 60 );
|
||||
var secure = ( 'https:' === window.location.protocol );
|
||||
wpCookies.set( 'wp-saving-post', post_id + '-check', 24 * 60 * 60, false, false, secure );
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
2
wp-includes/js/autosave.min.js
vendored
2
wp-includes/js/autosave.min.js
vendored
File diff suppressed because one or more lines are too long
Reference in New Issue
Block a user