[wp-trac] [WordPress Trac] #55659: User without post lock can overwrite changes of user with lock via autosave
WordPress Trac
noreply at wordpress.org
Tue May 3 15:22:53 UTC 2022
#55659: User without post lock can overwrite changes of user with lock via autosave
--------------------------+------------------------------
Reporter: jhart35 | Owner: adamsilverstein
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: Awaiting Review
Component: Autosave | Version: 5.9.3
Severity: normal | Resolution:
Keywords: needs-patch | Focuses: rest-api
--------------------------+------------------------------
Changes (by adamsilverstein):
* owner: (none) => adamsilverstein
* status: new => assigned
Comment:
@jhart35 thanks for raising this issue and for the instructions on how to
reproduce. I'm not sure if the fix belongs in the REST controller or in
Gutenberg where the autosave is triggered (and maybe shouldn't be).
Altering the REST API endpoint might still result in overwriting if the
post lock saving collides with a save.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/55659#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list