#16780 closed defect (bug) (invalid)
admin-bar shouldn't be served via /wp-admin
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | normal | |
| Severity: | normal | Version: | 3.1 |
| Component: | Administration | Keywords: | |
| Focuses: | Cc: |
Description
Ideally the admin-bar shouldn't serve anything out of /wp-admin since some users .htaccess protect by IP or password. The chart however is. This is fine normally but since cookies don't abide by the same expiration policies as other security mechanisms you can end up with a password prompt on every page, or just a 403.
Ideally a php file in /wp-includes for the chart would be better.
Seeing this behavior in 3.1.
Change History (3)
#1
@
13 years ago
- Milestone Awaiting Review deleted
- Resolution set to invalid
- Status changed from new to closed
#3
@
13 years ago
Just a quick follow up. You should direct this information to http://wordpress.org/tags/stats?forum_id=10 (the WordPress stats plugin forum) and also be aware that there is an option to disable the admin bar chart (Plugins > WordPress.com Stats), however, it doesn't appear to be functioning correctly currently.
Note: See
TracTickets for help on using
tickets.
By "the chart" I think you must be using the WordPress stats plugin which adds a small bar graph to the admin bar. This is indeed loaded from wp-admin but is nothing to do with WordPress core as it is not part of a default install.