[wp-trac] [WordPress Trac] #16780: admin-bar shouldn't be served via /wp-admin
WordPress Trac
wp-trac at lists.automattic.com
Sun Mar 6 23:50:41 UTC 2011
#16780: admin-bar shouldn't be served via /wp-admin
-----------------------------+-----------------------------
Reporter: robertaccettura | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version: 3.1
Severity: normal | Keywords:
-----------------------------+-----------------------------
Ideally the admin-bar shouldn't serve anything out of /wp-admin since some
users .htaccess protect by IP or password. The chart however is. This is
fine normally but since cookies don't abide by the same expiration
policies as other security mechanisms you can end up with a password
prompt on every page, or just a 403.
Ideally a php file in /wp-includes for the chart would be better.
Seeing this behavior in 3.1.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/16780>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list