[wp-trac] [WordPress Trac] #57913: Attachment pages need to have an "on" toggle
WordPress Trac
noreply at wordpress.org
Thu Jan 25 19:41:40 UTC 2024
#57913: Attachment pages need to have an "on" toggle
---------------------------------------------+-----------------------------
Reporter: joostdevalk | Owner: SergeyBiryukov
Type: enhancement | Status: closed
Priority: normal | Milestone: 6.4
Component: Media | Version:
Severity: normal | Resolution: fixed
Keywords: add-to-field-guide has-dev-note | Focuses:
---------------------------------------------+-----------------------------
Comment (by jorbin):
In [changeset:"57358" 57358]:
{{{
#!CommitTicketReference repository="" revision="57358"
Media: Redirect inactive attachment pages for logged-out users.
Ensure logged out users are redirected to the media file when attachment
pages are inactive. This removes the read_post capability check from the
canonical redirects as anonymous users lack the permission.
This was previously committed in [57310] before being reverted in [57318].
This update includes a fix to cover instances where revealing a URL could
be considered a data leak and greatly expands the unit tests to ensure
that this is covered along with many other instances.
Follow-up to [56657], [56658], [56711], [57310], [57318].
Reviewed by joemcgill.
Merges [57357] to 6.4 branch.
Props peterwilsoncc, jorbin, afercia, aristath, chesio, joppuyo, jorbin,
lakshmananphp, poena, sergeybiryukov, swissspidy, johnbillion, mukesh27.
Fixes #59866.
See #57913.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/57913#comment:75>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list