[wp-trac] [WordPress Trac] #62040: Admin List "Mine" pages returns HTTP 403 Error

WordPress Trac noreply at wordpress.org
Thu Sep 12 15:40:59 UTC 2024 

#62040: Admin List "Mine" pages returns HTTP 403 Error
-------------------------------+------------------------------
 Reporter:  edtorrey           |       Owner:  (none)
     Type:  defect (bug)       |      Status:  new
 Priority:  normal             |   Milestone:  Awaiting Review
Component:  Posts, Post Types  |     Version:  6.6.2
 Severity:  normal             |  Resolution:
 Keywords:  reporter-feedback  |     Focuses:  administration
-------------------------------+------------------------------

Comment (by hellofromTonya):

 == Reproduction Report
 This report validates that the issue can be reproduced.

 === Environment
 - OS: macOS
 - Web Server: Nginx
 - PHP: 7.4.29
 - WordPress: 6.6.2
 - Browser: Firefox 130.0
 - Theme: Twenty Twenty-Four
 - Active Plugins: None

 === Steps to Reproduce

 Step up: Need to add at least 1 additional user and a post/page for this
 user.
 1. Log in using the admin account.
 2. Go to Users > Add New User to add a "tester1" user with Role of Author.
 3. In a separate browser or session, log in as the "tester1" user.
 4. Go to Pages > Add New Page to add and publish a test page.

 Testing the bug:
 1. As the tester1 user:
    a. Navigate back to Pages > All Pages table listing.
    b. Click on "Mine" to view this users' pages. 🐞 Bug occurs.
 2. As the admin user:
    a. Navigate back to Pages > All Pages table listing.
    b. Click on "Mine" to view this users' pages. 🐞 Bug occurs.

 === Expected Results

 When reproducing the reported bug:
 - ❌ As the tester1 user, a 403 forbidden should happen after Step 1b,
 clicking on "Mine".
 - ❌ As the admin user, a 403 forbidden should happen after Step 1b,
 clicking on "Mine".

 === Actual Results
 When attempting to reproduce the reported bug on 6.6.2:
 - ❌ As the tester1 user, the error did not occur.
 - ❌ As the admin user, the error did not occur.

 In both cases, the page list rendered and was correct, showing only those
 pages authored by the user.

 Also tested with posts and in both cases, worked too.

 Also tested with WordPress 6.5.4, which also worked - not able to
 reproduce.

 == Conclusion

 I was not able to reproduce the reported issue on WordPress 6.6.2 or
 6.5.4.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/62040#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list