Skip to content

Setting cookie from cookie does not need to be sanitized #2019

New issue
New issue
Open
Open
Setting cookie from cookie does not need to be sanitized#2019
Labels
Focus: SecurityStatus: Needs investigationType: Enhancement
@kkmuffme

Description

@kkmuffme
kkmuffme
opened on Dec 1, 2021

e.g. when resetting/increasing lifetime of a cookie

setcookie( $cookie, $_COOKIE[ $cookie ], time() + 86400, '/' )
setcookie( 'hello', $_COOKIE[ $cookie ], time() + 86400, '/' )

currently gives an error for WordPress.Security.ValidatedSanitizedInput

EDIT: use case: safari ITP HTTP cookie handling for JS cookies.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Focus: SecurityStatus: Needs investigationType: Enhancement

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions