Making WordPress.org


Ignore:
Timestamp:
01/20/2016 03:19:31 PM (8 years ago)
Author:
stephdau
Message:

WordPress.org SSO: Improvement: Try to send people back to a better destination that just https://login.wordpress.org/loggedout/ (kept as fallback) when logging out, such as the page they instigated the logout from.

If said page is public, they will be sent bacck,loged out. If said page is private, they will once again be promted to login, as if they had accessed it directly.

See #1524

File:
1 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/common/includes/wporg-sso/class-wporg-sso.php

    r2314 r2336  
    9696         */
    9797        protected function _get_safer_redirect_to() {
    98             // Setup a default redirect to URL, with a safe version toonly change if validation succeeds below.
    99             $redirect_to  = 'https://wordpress.org/';
     98            // Setup a default redirect to URL, with a safe version to only change if validation succeeds below.
     99            $redirect_to = in_array( $_GET['action'], array( 'logout', 'loggedout' ) ) ? '/loggedout/' : 'https://wordpress.org/';
    100100           
    101101            if ( ! empty( $_REQUEST['redirect_to'] ) ) {
Note: See TracChangeset for help on using the changeset viewer.