[wp-trac] [WordPress Trac] #16483: Visibility: password-protected exposes multiple pages
WordPress Trac
wp-trac at lists.automattic.com
Mon Feb 7 19:02:15 UTC 2011
#16483: Visibility: password-protected exposes multiple pages
--------------------------+-----------------------------
Reporter: monkeyhouse | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 3.0.4
Severity: minor | Keywords:
--------------------------+-----------------------------
1. password protect a page ('protected') with a password
2. password protect another page ('thistoo') with the SAME password
3. visit 'protected' and enter the password. Page is visible
4. visit 'thistoo'; expected: prompt for password. What happens: Page is
visible
Regardless of whether someone with a password has the right to try it in
as many pages as they want (and would therefore successfully see the page
if the passwords were the same), the user should still be prompted on a
page-by-page basis. Global authentication to multiple pages is possible
with user accounts and roles. It should not be possible with visibility:
password-protected pages.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/16483>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list