learn_press_setcookie causes security test failure | ww.wp.xz.cn

perryrylance
(@perryrylance)

3 years, 6 months ago

Hi folks

The function learn_press_setcookie is causing one of our clients sites to fail security tests.

This function has false as the default for $secure and $httponly.

This is called in lp-user-functions.php on line 1160 in the function learn_press_set_user_cookie_for_guest.

This overrides our PHP ini settings to force secure and httponly, resulting in the site failing security tests.

If this can’t be changed, then is it possible to add a hook / filter somewhere around these functions so that we can override this on this particular site?

Kind regards
– Perry

Viewing 1 replies (of 1 total)

Plugin Support brianvu-tp
(@briantp)

3 years, 6 months ago

Hi,

In version 4.2 we will remove that function, please wait, it will release soon.

Thanks

Viewing 1 replies (of 1 total)

The topic ‘learn_press_setcookie causes security test failure’ is closed to new replies.

1 reply
2 participants
Last reply from: brianvu-tp
Last activity: 3 years, 6 months ago
Status: not resolved