Making WordPress.org

Opened 4 years ago

Closed 3 years ago

#3108 closed defect (fixed)

Plugin Directory: Logging in from a plugin page redirects to the home page

Reported by: SergeyBiryukov Owned by: Otto42
Milestone: Priority: normal
Component: Login & Authentication Keywords: has-patch needs-testing


  1. If you're logged in, log out.
  2. Go to a plugin page like https://wordpress.org/plugins/akismet/.
  3. Click Log In in the Toolbar.
  4. Upon login, you're redirected to https://wordpress.org/plugins/ instead of the plugin page.

Attachments (1)

3108.diff (1.7 KB) - added by obenland 3 years ago.

Download all attachments as: .zip

Change History (13)

#1 @SergeyBiryukov
4 years ago

Support forums apparently have a workaround for this, added in [4613]. We could probably add a similar workaround to the Plugin Directory, but it seems like something that should be fixed in the WPOrg_SSO class itself.

Last edited 4 years ago by SergeyBiryukov (previous) (diff)

#2 follow-up: @Otto42
4 years ago

There's nothing wrong with the SSO class. If it's being passed the wrong redirect_to link, then that's the problem.

#3 in reply to: ↑ 2 @SergeyBiryukov
4 years ago

Replying to Otto42:

There's nothing wrong with the SSO class. If it's being passed the wrong redirect_to link, then that's the problem.

Shouldn't it redirect to the previous page by default? The workaround in [4613] doesn't seem specific to the forums, is there a reason the SSO class can't parse $_SERVER['REQUEST_URI'] itself?

#4 @Otto42
4 years ago

Shouldn't it redirect to the previous page by default?

Well, yes, but in this case it's actually sending a redirect_to with just the /plugins/ URL. So it's still getting the wrong URL from the plugins directory.

I'll look into it.

#5 @Otto42
4 years ago

  • Owner set to Otto42
  • Status changed from new to accepted

#6 @Otto42
4 years ago

  • Resolution set to fixed
  • Status changed from accepted to closed

In 6207:

Plugins: Fix the redirect_to URL in the same way as the support forums. Fixes #3108

#7 @SergeyBiryukov
4 years ago

In 6801:

Plugin Directory: In ::fix_login_url():

  • Only adjust the login URL for Single Sign-On (SSO) plugin if the plugin is active, use the normal redirect_to method otherwise.
  • Use $_SERVER['HTTP_HOST'] instead of hardcoded wordpress.org domain.

Merges [4944] from support forums.
See #3108.

#8 @obenland
3 years ago

  • Resolution fixed deleted
  • Status changed from closed to reopened

I just ran into that weird WPOrg_SSO while trying to find out why I'm not being redirected to my profile when using wp_login_url().

This is clearly an issue with WPOrg_SSO::login_url() being used as a callback to the login_url filter and not handling the passed parameters correctly.

Is WPOrg_SSO::login_url() used anywhere other than as that filter callback that prevents us from just fixing the parameters?

3 years ago

#9 @obenland
3 years ago

  • Keywords has-patch needs-testing added

@SergeyBiryukov @Otto42 Would you mind testing my patch on your sandboxes and see if it needs adjustment?

#10 @obenland
3 years ago

@SergeyBiryukov @Otto42 I'd like to land this this week, do you think you'll have time to take my patch for a spin today or tomrrow?

#11 @Otto42
3 years ago

Sorry, missed the notification a couple weeks ago. I'll check it out shortly.

#12 @dd32
3 years ago

  • Component changed from Plugin Directory to Login & Authentication
  • Resolution set to fixed
  • Status changed from reopened to closed

3108.diff was basically committed in [7689] through #3794.

Apparently I've been running a variant of it for quite possibly just as long as the patch has been here and not seen any issues.

Closing this as fixed based on the above.

Note: See TracTickets for help on using tickets.