[wp-trac] [WordPress Trac] #16483: Visibility: password-protected exposes multiple pages
WordPress Trac
wp-trac at lists.automattic.com
Tue Feb 8 04:54:02 UTC 2011
#16483: Visibility: password-protected exposes multiple pages
------------------------------------+------------------------------
Reporter: monkeyhouse | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 3.0.4
Severity: minor | Resolution:
Keywords: has-patch dev-feedback |
------------------------------------+------------------------------
Changes (by solarissmoke):
* keywords: => has-patch dev-feedback
Comment:
I agree that this shouldn't happen - although plain text passwords in
cookies aren't really going to prevent someone who is determined ;)
Here's one possible patch. It may cause some issues because previously
(and since WP 1.0.0) `get_the_password_form()` didn't require a post. I
can't find any instances in core that don't have a post (or implicit post
global) set, but I might have missed something.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/16483#comment:1>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list