[wp-trac] [WordPress Trac] #32602: View Details links for plugins on individual sites on a Multisite Network use the network admin URL
WordPress Trac
noreply at wordpress.org
Tue Jun 9 21:05:32 UTC 2015
#32602: View Details links for plugins on individual sites on a Multisite Network
use the network admin URL
--------------------------+-----------------------------
Reporter: Ipstenu | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Plugins | Version: 4.0
Severity: normal | Keywords:
Focuses: multisite |
--------------------------+-----------------------------
To duplicate, make sure you allow the plugins.php page to show on subites.
Have (at least) one plugin that is ''not'' network activate and go to an
individual site's plugin.php page.
The URL for "View details" will be for the network admin, not the site.
With WP installed at example.com:
example.com/subsite/wp-admin/plugins.php links to example.com/wp-admin...
subsite.example.com/wp-admin/plugins.php links to example.com/wp-admin...
mappeddomain.com/wp-admin/plugins.php links to example.com/wp-admin...
This is problematic when you have admin over HTTPS and the cross-site-
scripting sanity check stops the view-details page from loading.
`/wp-admin/includes/class-wp-plugins-list-table.php` line 628 has
`network_admin_url()` in there, which is why it's defaulting to the
network domain.
https://core.trac.wordpress.org/ticket/17902#comment:31 and
https://core.trac.wordpress.org/changeset/29595 appear to be where this
issue stems from.
To quote @jjj "It probably just needs a series of `is_multisite()` and
`is_plugin_active_for_network()` checks."
The URL should probably just default to whatever the URL of the current
site is, to prevent cross-site shenanigans.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/32602>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list