[wp-trac] [WordPress Trac] #49110: Add ability to lock/restrict public REST API access from WP Admin
WordPress Trac
noreply at wordpress.org
Thu Jan 2 10:33:19 UTC 2020
#49110: Add ability to lock/restrict public REST API access from WP Admin
-------------------------+------------------------------------------------
Reporter: apedog | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version:
Severity: normal | Resolution:
Keywords: | Focuses: administration, rest-api, privacy
-------------------------+------------------------------------------------
Comment (by apedog):
> You have to know that these templates exist, the exact same way you
would know about REST.
I emphatically disagree.
Installing WordPress and hacking away at the default theme is a common
(and ''encouraged'') use-case.
It requires only basic knowledge of HTML and PHP and a willingness to read
about the templates and WP in general. A very low technical barrier.
Knowing REST, or even knowing ''of'' REST, is not a requirement. Nor
should it be.
- WP Admin area ''must'' (IMO) afford to its user as much control of the
REST API as it affords to robots.txt and the RSS feed.
- WP Admin area ''must'' (IMO) afford to its user as information about
REST API as it gives about RSS.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/49110#comment:9>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list