[wp-trac] [WordPress Trac] #57388: For App Passwords in non-HTTPS websites, WordPress asks for development environment, but actually requires local
WordPress Trac
noreply at wordpress.org
Wed Dec 28 01:20:46 UTC 2022
#57388: For App Passwords in non-HTTPS websites, WordPress asks for development
environment, but actually requires local
-----------------------------------+------------------------------
Reporter: drtimofey | Owner: (none)
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: Awaiting Review
Component: Application Passwords | Version: 6.1.1
Severity: normal | Resolution:
Keywords: | Focuses:
-----------------------------------+------------------------------
Changes (by sabernhardt):
* component: Administration => Application Passwords
Old description:
> When attempting to set Application Passwords on a non-HTTPS website (i.e.
> http://localhost), WordPress says it needs the development environment to
> be declared (creating an assumption it needs to be
> WP_ENVIRONMENT_TYPE=development). However, in actuality, WordPress
> requires WP_ENVIRONMENT_TYPE to be set to 'local', not 'development'.
>
> To reproduce:
> - Deploy a non-HTTPS instance (i.e. http://localhost)
> - Set WP_ENVIRONMENT_TYPE constant to 'development' in wp-config.php,
> i.e. - define('WP_ENVIRONMENT_TYPE', 'development');
> - Go to /wp-admin/profile.php and edit any user
> - Under Application Passwords the following messages is posted, despite
> the environment being set to development:
>
> The application password feature requires HTTPS, which is not enabled
> on this site.
> If this is a development website you can [set the environment type
> accordingly](https://developer.wordpress.org/apis/wp-config-php/#wp-
> environment-type) to enable application passwords.
>
> Solution:
> - Either clarify the instructions to say to set it to 'local', not
> 'development'
> OR
> - Update the wp_is_application_passwords_supported() function to accept
> the development environment.
>
> This ticket is related to [ticket:53658 #53658].
New description:
When attempting to set Application Passwords on a non-HTTPS website (i.e.
`http://localhost`), WordPress says it needs the development environment
to be declared (creating an assumption it needs to be
`WP_ENVIRONMENT_TYPE=development`). However, in actuality, WordPress
requires `WP_ENVIRONMENT_TYPE` to be set to 'local', not 'development'.
To reproduce:
- Deploy a non-HTTPS instance (i.e. `http://localhost`)
- Set `WP_ENVIRONMENT_TYPE` constant to 'development' in `wp-config.php`,
i.e. - `define('WP_ENVIRONMENT_TYPE', 'development');`
- Go to `/wp-admin/profile.php` and edit any user
- Under Application Passwords the following messages is posted, despite
the environment being set to development:
The application password feature requires HTTPS, which is not enabled on
this site.
If this is a development website you can [set the environment type
accordingly](https://developer.wordpress.org/apis/wp-config-php/#wp-
environment-type) to enable application passwords.
Solution:
- Either clarify the instructions to say to set it to 'local', not
'development'
OR
- Update the `wp_is_application_passwords_supported()` function to accept
the development environment.
This ticket is related to [ticket:53658 #53658].
--
--
Ticket URL: <https://core.trac.wordpress.org/ticket/57388#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list