#134 closed defect (fixed but pending verification)
Page becoming password protected on update/publish
| Reported by: | ngernert | Owned by: | |
|---|---|---|---|
| Priority: | blocker | Milestone: | 1.2 |
| Component: | Publishing | Version: | 1.2 beta |
| Keywords: | password protected | Cc: |
Description
When editing and saving existing published pages on both WordPress?.org and WordPress?.com sites, the page becomes password protected using the logged in user's current password. It shouldn't be automatically marking the page as password protected, and the choice of using the current user's password makes the password available in plain text to other users who can edit the post.
Change History (5)
comment:1 Changed 4 years ago by ngernert
- Component changed from About to Publishing
comment:2 Changed 4 years ago by josephscott
- Priority changed from major to blocker
comment:3 Changed 4 years ago by janakirampalepu
- Resolution set to fixed but pending verification
- Status changed from new to closed
Fixed the issue in the latest version present in the trunk.
comment:4 Changed 4 years ago by josephscott
Just tried this again in -trunk, the app is not longer setting passwords for all Page edits.
comment:5 Changed 4 years ago by ngernert
Tested as well and I concur, the app is no longer setting passwords for all page edits.
Note: See
TracTickets for help on using
tickets.
Confirmed, I was able to duplicate this problem on a WPORG blog running -trunk. The app is specifically setting the wp_password field for the Page when it calls the wp.editPage method. It is using the same password that the blog account used.