From 44bd6e5615f485db7712b7d107b3fd2507f14b7f Mon Sep 17 00:00:00 2001
From: Sergey Biryukov <sergeybiryukov@git.wordpress.org>
Date: Mon, 17 Jun 2019 19:16:16 +0000
Subject: [PATCH] Bootstrap/Load: Set expiration of the recovery mode cookie to
 the same amount of time for which the token in it is valid: a week by
 default.

Props david.binda, TimothyBlynJacobs.
Fixes #47480.

git-svn-id: https://develop.svn.wordpress.org/trunk@45545 602fd350-edb4-49c9-b593-d223f7449a82
---
 .../class-wp-recovery-mode-cookie-service.php | 22 +++++++++++--------
 1 file changed, 13 insertions(+), 9 deletions(-)

diff --git a/src/wp-includes/class-wp-recovery-mode-cookie-service.php b/src/wp-includes/class-wp-recovery-mode-cookie-service.php
index ebc62d0afd..ff042c5318 100644
--- a/src/wp-includes/class-wp-recovery-mode-cookie-service.php
+++ b/src/wp-includes/class-wp-recovery-mode-cookie-service.php
@@ -35,10 +35,20 @@ final class WP_Recovery_Mode_Cookie_Service {
 
 		$value = $this->generate_cookie();
 
-		setcookie( RECOVERY_MODE_COOKIE, $value, 0, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );
+		/**
+		 * Filter the length of time a Recovery Mode cookie is valid for.
+		 *
+		 * @since 5.2.0
+		 *
+		 * @param int $length Length in seconds.
+		 */
+		$length = apply_filters( 'recovery_mode_cookie_length', WEEK_IN_SECONDS );
+		$expire = time() + $length;
+
+		setcookie( RECOVERY_MODE_COOKIE, $value, $expire, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );
 
 		if ( COOKIEPATH !== SITECOOKIEPATH ) {
-			setcookie( RECOVERY_MODE_COOKIE, $value, 0, SITECOOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );
+			setcookie( RECOVERY_MODE_COOKIE, $value, $expire, SITECOOKIEPATH, COOKIE_DOMAIN, is_ssl(), true );
 		}
 	}
 
@@ -83,13 +93,7 @@ final class WP_Recovery_Mode_Cookie_Service {
 			return new WP_Error( 'invalid_created_at', __( 'Invalid cookie format.' ) );
 		}
 
-		/**
-		 * Filter the length of time a Recovery Mode cookie is valid for.
-		 *
-		 * @since 5.2.0
-		 *
-		 * @param int $length Length in seconds.
-		 */
+		/** This filter is documented in wp-includes/class-wp-recovery-mode-cookie-service.php */
 		$length = apply_filters( 'recovery_mode_cookie_length', WEEK_IN_SECONDS );
 
 		if ( time() > $created_at + $length ) {