【问题标题】:WordPress wp_signon() succeeds but no cookie is attached to response headerWordPress wp_signon() 成功但没有 cookie 附加到响应标头
【发布时间】:2013-05-31 05:03:14
【问题描述】:

我正在对 WordPress 前端用户登录表单的问题进行故障排除。该代码适用于开发服务器上的同一站点,但不适用于生产服务器。

在生产服务器上,身份验证通过,wp_signon() 返回一个完整的用户对象,但是 cookie 没有被插入到响应流中。

以下代码演示了这一点:

$user = wp_signon( '', $secure_cookie );
var_dump($user);

当使用 Fiddler 嗅探数据包时,这是生产服务器返回的内容:

HTTP/1.1 302 Found
Server: cloudflare-nginx
Date: Fri, 24 May 2013 07:53:01 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://www.domain.com/blog/xmlrpc.php
X-Frame-Options: SAMEORIGIN
Location: http://www.domain.com/log-in/
Vary: Accept-Encoding,User-Agent
X-Cacheable: YES:FORCED
X-Varnish: 1753703763
Age: 0
Via: 1.1 varnish
X-Cache: MISS
CF-RAY: 73868e9b8da0418
Content-Length: 802

object(WP_User)#329 (7) {
["data"]=>
object(stdClass)#388 (10) {
["ID"]=>
string(2) "53"
["user_login"]=>
string(14) "SubscriberTest"
["user_pass"]=>
string(34) "$P$B8O8w6awJnKrHNoFLOyHJHfKiPE1nt/"
["user_nicename"]=>
string(14) "subscribertest"
["user_email"]=>
string(33) "SubscriberTest@domain.com"
["user_url"]=>
string(0) ""
["user_registered"]=>
string(19) "2013-05-23 05:56:42"
["user_activation_key"]=>
string(0) ""
["user_status"]=>
string(1) "0"
["display_name"]=>
string(14) "SubscriberTest"
}
["ID"]=>
int(53)
["caps"]=>
array(1) {
["subscriber"]=>
bool(true)
}
["cap_key"]=>
string(15) "wp_capabilities"
["roles"]=>
array(1) {
[0]=>
string(10) "subscriber"
}
["allcaps"]=>
array(3) {
["read"]=>
bool(true)
["level_0"]=>
bool(true)
["subscriber"]=>
bool(true)
}
["filter"]=>
NULL
}

WordPress 控制面板登录仍然有效,并且在登录后端时插入了 cookie。

生产服务器也在使用 CloudFlare,但我不确定这是否相关。我也向 Cloud Flare 发送了支持票,希望他们能够确认他们的代理服务是否可能会剥离它们。

这是我的开发服务器上运行相同代码时响应标头部分的样子。在这个中,您可以看到正在发送 cookie:

HTTP/1.1 302 Found
Date: Fri, 24 May 2013 02:18:23 GMT
Server: Apache/2.2.22 (Ubuntu)
X-Powered-By: W3 Total Cache/0.9.2.11
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Pingback: http://domain.com/blog/xmlrpc.php
X-Frame-Options: SAMEORIGIN
Set-Cookie: wordpress_548d950a57c83d7fc5c2eb781062ef26=SubscriberTest%7C1369534704%7C08d4578ca9049beadffa39e0be0ea941; path=/blog/wp-content/plugins; httponly
Set-Cookie: wordpress_548d950a57c83d7fc5c2eb781062ef26=SubscriberTest%7C1369534704%7C08d4578ca9049beadffa39e0be0ea941; path=/blog/wp-admin; httponly
Set-Cookie: wordpress_logged_in_548d950a57c83d7fc5c2eb781062ef26=SubscriberTest%7C1369534704%7Cc41eb224ebec7f57982d0f93e70f7cff; path=/; httponly
Set-Cookie: wordpress_logged_in_548d950a57c83d7fc5c2eb781062ef26=SubscriberTest%7C1369534704%7Cc41eb224ebec7f57982d0f93e70f7cff; path=/blog/; httponly
Location: http://domain.com/
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

【问题讨论】:

  • 希望早上的工作人员有一些想法。我已经和这个家伙战斗了一个多星期了,我今天真的需要在周末离开之前把它修好。 : (

标签: wordpress cookies customization


【解决方案1】:

我终于发现 Varnish 正在生产服务器上运行,它正在剥离 cookie。添加 URL 排除项后,WP 功能开始按预期工作。

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 2017-08-30
    • 1970-01-01
    • 2011-08-01
    • 2016-05-13
    • 1970-01-01
    • 2011-12-12
    • 2019-09-05
    • 2020-11-22
    相关资源
    最近更新 更多