[wp-trac] Re: [WordPress Trac] #6473: Wordpress 2.5 fails to allow
file uploads if you use .htaccess to secure wp-admin
WordPress Trac
wp-trac at lists.automattic.com
Mon Mar 31 16:08:33 GMT 2008
#6473: Wordpress 2.5 fails to allow file uploads if you use .htaccess to secure
wp-admin
----------------------------+-----------------------------------------------
Reporter: hexley | Owner: anonymous
Type: defect | Status: new
Priority: low | Milestone: 2.6
Component: Administration | Version: 2.5
Severity: normal | Resolution:
Keywords: |
----------------------------+-----------------------------------------------
Comment (by hexley):
I am confused about setting this to 2.6, seems a long way out. Look at
the thread linked ab uploader ove, most are resorting to disabling mod
sec, and I have a feeling they have no idea what they are disabling.
This is saying we should all no longer follow the numerous posts out there
to secure your ap-admin area, and rely on the built in security of a wp
login and pass form.
Is this a confirmation that my analysis of the bug is correct in that the
auth'd credentials are not getting passed to the flash?
--
Ticket URL: <http://trac.wordpress.org/ticket/6473#comment:2>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list