Make WordPress Core

Opened 3 months ago

Last modified 2 weeks ago

#41445 new defect (bug)

post_parent can prevent media from embedding correctly

Reported by: loboyle Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: REST API Keywords:
Focuses: Cc:


If media is uploaded for a post, then used as a featured image on another post, and the original parent is not accessible via the REST API (e.g. because it's in the trash, not published etc), then it cannot be embedded on the post that is accessible.

To reproduce

  • make a new post with a featured image
  • trash the post
  • make a new post, using the first image as the featured image
  • request the second post over the rest API with media embedding enabled

The media will not be embedded, instead a forbidden result will be embedded error

        "message":"You don't have permission to do this.",

See https://github.com/WP-API/WP-API/issues/2596 for the original issue. Also related is https://core.trac.wordpress.org/ticket/30691.

Change History (5)

This ticket was mentioned in Slack in #core by kadamwhite. View the logs.

2 months ago

This ticket was mentioned in Slack in #core-media by joemcgill. View the logs.

2 months ago

#3 @ritter.aaron
2 months ago

we experience the same issue, with the difference that the image was first uploaded to the library via Medialibrary and then attached to a pods post in to a field without any meta data (basicaly using pods with additional fields in table) (which works) and then attached to a blog post which showed the same issue with permission denied 403 (when directly attaching to the post it worked)

one more thing i found is that when attaching to the post the file name gets truncated

when uploading via media library it does not get truncated

This ticket was mentioned in Slack in #core-restapi by kadamwhite. View the logs.

4 weeks ago

#5 @benjamincreative
2 weeks ago

  • Version 4.7.5 deleted

Same here on 4.8.2

Uploaded to one custom post type as draft, added to another public custom post type...

Note: See TracTickets for help on using tickets.