Skip to content

Instantly share code, notes, and snippets.

@drzraf

drzraf/strip-cookies.2.patch

Created April 30, 2026 20:04
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save drzraf/7c4a32d0fd0cb7390793e5c71f2f878a to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save drzraf/7c4a32d0fd0cb7390793e5c71f2f878a to your computer and use it in GitHub Desktop.
Download ZIP
WordPress #50522 patch
Raw
strip-cookies.2.patch
diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php
# https://core.trac.wordpress.org/raw-attachment/ticket/50522/strip-cookies.2.patch (gist'ed since WP now requires auth to download raw file)
index 2ebfb405c4..9d47e388b5 100644
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -982,27 +982,25 @@ function wp_clear_auth_cookie() {
// Auth cookies.
setcookie( AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN );
setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN );
- setcookie( AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN );
- setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN );
+
+ if ( strpos( PLUGINS_COOKIE_PATH, ADMIN_COOKIE_PATH ) !== 0 ) {
+ setcookie( AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN );
+ }
+
+ if ( strpos( PLUGINS_COOKIE_PATH, ADMIN_COOKIE_PATH ) !== 0 ) {
+ setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN );
+ }
+
setcookie( LOGGED_IN_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
- setcookie( LOGGED_IN_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN );
+
+ if ( strpos( SITECOOKIEPATH, COOKIEPATH ) !== 0 ) {
+ setcookie( LOGGED_IN_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN );
+ }
// Settings cookies.
setcookie( 'wp-settings-' . get_current_user_id(), ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH );
setcookie( 'wp-settings-time-' . get_current_user_id(), ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH );
- // Old cookies.
- setcookie( AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
- setcookie( AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN );
- setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
- setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN );
-
- // Even older cookies.
- setcookie( USER_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
- setcookie( PASS_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
- setcookie( USER_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN );
- setcookie( PASS_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN );
-
// Post password cookie.
setcookie( 'wp-postpass_' . COOKIEHASH, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment