diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php index 0de6b0cc78..61b809c542 100644 --- a/wp-includes/pluggable.php +++ b/wp-includes/pluggable.php @@ -900,6 +900,17 @@ function wp_set_auth_cookie( $user_id, $remember = false, $secure = '', $token = */ do_action( 'set_logged_in_cookie', $logged_in_cookie, $expire, $expiration, $user_id, 'logged_in' ); + /** + * Allows preventing auth cookies from actually being sent to the client. + * + * @since 4.7.4 + * + * @param bool $send Whether to send auth cookies to the client. + */ + if ( ! apply_filters( 'send_auth_cookies', true ) ) { + return; + } + setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN, $secure, true); setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, $secure, true); setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN, $secure_logged_in_cookie, true); @@ -922,6 +933,17 @@ function wp_clear_auth_cookie() { */ do_action( 'clear_auth_cookie' ); + /** + * Allows preventing auth cookies from actually being sent to the client. + * + * @since 4.7.4 + * + * @param bool $send Whether to send auth cookies to the client. + */ + if ( ! apply_filters( 'send_auth_cookies', true ) ) { + return; + } + setcookie( AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN ); setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN ); setcookie( AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN ); diff --git a/wp-includes/version.php b/wp-includes/version.php index a60afe9f26..98fd94fd61 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.8-alpha-40238'; +$wp_version = '4.8-alpha-40239'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.