#3821 closed enhancement (fixed)
Improve Trac Logout - Return user to current page
Reported by: | garrett-eclipse | Owned by: | dd32 |
---|---|---|---|
Milestone: | Priority: | normal | |
Component: | Login & Authentication | Keywords: | |
Cc: |
Description
Hello,
If you use the logout function many places around the wp.org network it often just reloads the current page with you logged out. For example logging out from a profile page (https://profiles.wordpress.org/garrett-eclipse) simply reloads leaving you on the current page.
On the Trac sites instead of doing the logout on reload it takes you to https://login.wordpress.org/logout when you then have to click log out again and are finally left at https://login.wordpress.org/loggedout/ which only has a link 'Back to login', so to return to the original page you have to go back in browser history two pages.
It would be very useful to adopt the reload logout method found other places so clicking logout on Trac simply reloads the page with you logged out. If that's not possible I wonder if the loggedout page can either redirect you back to the original page or at least provide a link back to the original page.
I believe this is actually what @joyously encountered when she made this comment;
https://meta.trac.wordpress.org/ticket/3794#comment:8
To reproduce.. simply hit Logout at the top of this Trac ticket.
Thanks
Attachments (2)
Change History (9)
#3
@
6 years ago
This isn't 100% straight forward, as the Logout
link in Trac isn't a link at all.
The logout on Trac is a form, which once submitted to Trac is redirected to the login logout functionality without a nonce. The nonce is required to prevent a user maliciously logging out users (ie. inserting an image into a trac ticket of https://login.wordpress.org/logout?yes-i-really-want-to
), and Trac can't generate that nonce.
With r7696 we'll be able to update the nginx redirect on Trac to pass the referer through, but I'll need to make a systems request to get that actioned.
It should just be changing a nginx location block to something like this I think:
location = /logout { return 301 https://login.wordpress.org/logout?redirect_to=$http_referer; }
Logout page - https://login.wordpress.org/logout