[wp-trac] [WordPress Trac] #31779: Warn users before using a built-in file editor for the first time
WordPress Trac
noreply at wordpress.org
Sat Aug 27 16:15:16 UTC 2016
#31779: Warn users before using a built-in file editor for the first time
----------------------------------------+---------------------------------
Reporter: helen | Owner: helen
Type: enhancement | Status: reviewing
Priority: normal | Milestone: Awaiting Review
Component: Themes | Version:
Severity: normal | Resolution:
Keywords: good-first-bug needs-patch | Focuses: ui, administration
----------------------------------------+---------------------------------
Comment (by voldemortensen):
Replying to [comment:28 brocheafoin]:
> Replying to [comment:25 boogah]:
> > It'd be nice to have the ability to not hide the interstitial after it
has been dismissed though. Via a filter, perhaps?
>
> I don't see the use case for this. If you're that worried about your
users that you want them to see the warning all the time, you should
probably just DISALLOW_FILE_EDIT.
>
> Design-wise, I think the interstitial should be as in-your-face as
Chrome or Firefox' [http://phishing.safebrowsingtest.com/ malware/phishing
warning]. It really _is_ the most dangerous part of the WordPress admin.
One false move could turn your whole site, including the admin, into a
white screen of death.
I think you just provided a use case. If it is indeed the most dangerous
part of the admin, it should have reminders. Chrome and Firefox don't just
show you a phishing warning for one site and then never warn you again.
They do allow you to click through details, and then visit the site. But I
don't think there's a way to permanently dismiss a phishing warning for a
site (other than doing something like --disable-web-security in chromium
or similar for other browsers).
I think it should show every time a file editor is loaded by default,
with a filter to only show it once or disable it.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/31779#comment:32>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list