[wp-trac] [WordPress Trac] #16776: Preview broken on mapped domains with multisite-/network-install when privacy settings are strict

WordPress Trac wp-trac at lists.automattic.com
Sun Mar 6 13:58:18 UTC 2011 

#16776: Preview broken on mapped domains with multisite-/network-install when
privacy settings are strict
---------------------------+-----------------------------
 Reporter:  stealingisbad  |      Owner:
     Type:  defect (bug)   |     Status:  new
 Priority:  normal         |  Milestone:  Awaiting Review
Component:  Multisite      |    Version:  3.1
 Severity:  major          |   Keywords:
---------------------------+-----------------------------
 Given:
 * a multisite install at example.org configured for sub-domains
 * a blog called "foo" at foo.example.org
 * a domain mapping www.foo.com -> foo.example.org
 * www.foo.com set as PRIMARY domain for that blog

 There are different ways to set this up. While some break the preview
 altogether, some deny remote logins and thus require entering credentials
 over and over again.

 Here is the setup which "only" breaks the preview if the privacy settings
 require login to simply view a blog (private blog):


 '''Set these two checkboxes:'''

 Tools > Domain Mapping > '''Remote Login''' & '''Redirect administration
 pages to site's original domain''' (remote login disabled if this redirect
 is disabled)


 '''At the specific blog:'''

 1. Network Admin > Sites > BLOGNAME > Edit
 2. Under "Info" > Domain: '''foo.example.org''' (if set to www.foo.com it
 would deny remote logins)
 3. Under "Settings" > Siteurl: '''foo.example.org''' (if set to
 www.foo.com it would deny remote logins
 4. Under "Settings" > Home: '''www.foo.com''' (setting this to
 foo.example.org breaks the preview)

 The above works nice for most situations. It allows the super admin to
 conviniently switch between sub-sites and preview works for public sites.

 '''The ERROR:'''
 For private sites (login required to view contents), the problem forms
 like this:

 1. Super Admin is logged in to foo.example.org and edits a Post
 2. The "Preview" button links to (e.g.)
 http://www.foo.com/?p=47&preview=true
 3. Clicking that button tries to open the respective URL, BUT ...
 4. ... that URL is redirecting to http://foo.example.org/wp-login.php in
 order to request a login (note the '''Redirect administration pages to
 site's original domain''' above in combination with the strict privacy
 setting)
 5. Now, even if you login correctly, the original preview-link will be
 forgotten and you'll land back at the Dashboard (at http://foo.example.org
 /wp-admin/)

 As a result, '''currently''' the admin has to decide on one of three
 "evils":
 1. denied previews altogether
 2. denied remote logins (no fast switching between blogs)
 3. denied previews for restricted blogs

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/16776>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list