Use SSL-aware cookie setting for WordPress authentication (#2026)

ivan-ottinger · web-flow · commit 0fab41e2adca · 2025-11-07T09:08:42.000+01:00
diff --git a/src/lib/wordpress-provider/playground-cli/mu-plugins.ts b/src/lib/wordpress-provider/playground-cli/mu-plugins.ts
@@ -416,7 +416,7 @@ function getStandardMuPlugins( options: Partial< WordPressServerOptions > ): MuP
 			}
 
 			wp_set_current_user( $user->ID, $user->user_login );
-			wp_set_auth_cookie( $user->ID, true, false );
+			wp_set_auth_cookie( $user->ID, true, is_ssl() );
 			do_action( 'wp_login', $user->user_login, $user );
 			$redirect_url = isset( $_GET['redirect_to'] ) ? $_GET['redirect_to'] : home_url();
 			wp_safe_redirect( $redirect_url );

Original file line number	Diff line number	Diff line change
`@@ -416,7 +416,7 @@ function getStandardMuPlugins( options: Partial< WordPressServerOptions > ): MuP`
`416`	`416`	`}`
`417`	`417`
`418`	`418`	`wp_set_current_user( $user->ID, $user->user_login );`
`419`		`- wp_set_auth_cookie( $user->ID, true, false );`
	`419`	`+ wp_set_auth_cookie( $user->ID, true, is_ssl() );`
`420`	`420`	`do_action( 'wp_login', $user->user_login, $user );`
`421`	`421`	`$redirect_url = isset( $_GET['redirect_to'] ) ? $_GET['redirect_to'] : home_url();`
`422`	`422`	`wp_safe_redirect( $redirect_url );`