[wp-trac] [WordPress Trac] #39224: Wordpress REST API and Authentication header
WordPress Trac
noreply at wordpress.org
Sat Dec 10 11:47:47 UTC 2016
#39224: Wordpress REST API and Authentication header
----------------------------+-----------------------------
Reporter: Lucas_Lobosque | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version: 4.7
Severity: normal | Keywords:
Focuses: rest-api |
----------------------------+-----------------------------
Bottom Line: The Authentication header is unreliable and get dropped by
most servers unless a modification is made to .htaccess
As per https://github.com/WP-API/WP-API/issues/2512 this was a known issue
but it was decided to take no action - "just configure your server the
right way".
But I wonder why not fix this issue by updating the default .htaccess to
pass through the Authentication header?
The REST API allows a whole new level of interaction with wordpress based
websites that was not possible before. However, most Wordpress Users do
not even know what .htaccess is! So lacking the hability to make it work
by just installing plugins kind of undermines the whole premise of the
REST API.
The fix is described here: https://github.com/WP-API/Basic-Auth/issues/35
--
Ticket URL: <https://core.trac.wordpress.org/ticket/39224>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list