[wp-trac] [WordPress Trac] #51638: Add Site Health test for verifying the Authorization header works as expected
WordPress Trac
noreply at wordpress.org
Tue Oct 27 03:43:44 UTC 2020
#51638: Add Site Health test for verifying the Authorization header works as
expected
-------------------------------+--------------------
Reporter: TimothyBlynJacobs | Owner: (none)
Type: task (blessed) | Status: new
Priority: normal | Milestone: 5.6
Component: Site Health | Version: trunk
Severity: normal | Keywords:
Focuses: rest-api |
-------------------------------+--------------------
Application Passwords utilizes the `Authorization` header to pass the
Basic Authentication credentials. In [https://github.com/WordPress
/application-passwords/wiki/Basic-Authorization-Header----Missing some
server configurations], the values sent in the `Authorization` header
won't reach WordPress.
Because of this, we added the
`wp_populate_basic_auth_from_authorization_header()` and the `RewriteRule
.* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]` Mod Rewrite rule. This
should account for the vast majority of failures.
This patch adds a test to Site Health to verify that the Authorization
header is working as expected. If it isn't, we direct the user to the
Permalinks screen which will regenerate their `.htaccess` file in case the
rule was missing.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/51638>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list