#51613 closed defect (bug) (fixed)
Error thrown on login page
Reported by: | ntsekouras | Owned by: | sarahricker |
---|---|---|---|
Milestone: | 5.6 | Priority: | normal |
Severity: | normal | Version: | 5.6 |
Component: | Login and Registration | Keywords: | has-patch has-screenshots commit |
Focuses: | Cc: |
Description
Currently when you visit the login page, an error is thrown in console.
The root for this might be in some recent changes (3 days ago) in password generation in core.
The request is coming from here: https://github.com/WordPress/WordPress/blob/c575f66422d8288dbe478c7717df9f5685be0f80/wp-admin/js/user-profile.js#L150
That file changed 3 days ago in this commit here: (https://github.com/WordPress/WordPress/commit/daa977c495e73bb2b85a517e464c16fd4f2d3233).
Attachments (3)
Change History (29)
#1
@
4 years ago
- Component changed from General to Login and Registration
- Milestone changed from Awaiting Review to 5.6
- Version set to trunk
This ticket was mentioned in PR #661 on WordPress/wordpress-develop by sarahricker.
4 years ago
#3
- Keywords has-patch added
Password generation should not load on the WordPress login page.
Trac ticket: https://core.trac.wordpress.org/ticket/51613
#4
@
4 years ago
- Keywords needs-testing has-screenshots added
- Owner set to sarahricker
- Status changed from new to assigned
Hey @SergeyBiryukov! I took a quick look at this. It was the ajax error in above screenshot. Resolved by preventing wp.ajax.post( 'generate-password' )
from running on the wp-login.php page, including when redirected to the page, as there is nothing to generate there.
Note: Ability to generate passwords still runs on user profile and when on the login page for password resets.
See Github PR: https://github.com/WordPress/wordpress-develop/pull/661
#5
@
4 years ago
#7
@
4 years ago
Thanks for reporting @ntsekouras and working on this @sarahricker. I will take a look. Odd that the src/js/_enqueues/admin/user-profile.js
file is being pulled into the login screen at all!
#8
@
4 years ago
Yep I believe the reset password screen relies on the password generation script to suggest a first password? It does not however use the button to suggest additional strong passwords, yet the ajax is still called and errors.
- Preventing that part from loading on wp-login.php as the patch does fixes it.
- Adding the button to randomize other strong passwords like the user profile page does may also fix it -- but I would consider that a feature for next release if that is suggested. Not a bad idea though, if I do say so myself!
#9
@
4 years ago
the reset password screen
Ah, that makes more sense. I will test there as well. Trying to determine best condition to use to avoid the error.
#11
@
4 years ago
I confirmed the use of user-profile.js on the password reset screen, which is served via the same PHP page as login with a URL domain/wp-login.php?action=rp
. As you point out, that screen prefills the password (on the PHP side), I think the JS here mostly activates the password meter and handles the 'weak password' checkbox and disabling the submit button when required.
In my testing, I was able to remove the pre-setting of the password that was causing the error. This had no effect on the editing/setting passwords on the user profile screen, or after resetting WordPress (wp db reset
) on the New Site setup screen (where you also create a user).
Patch incoming.
This ticket was mentioned in PR #662 on WordPress/wordpress-develop by adamsilverstein.
4 years ago
#12
Trac ticket: https://core.trac.wordpress.org/ticket/51613
#13
@
4 years ago
In 51613.diff removes the preloading of the password in JS entirely; we already do this in PHP where needed. In my testing this fixed the reported console error and password generation continued to work as expected.
@sarahricker and @ntsekouras can you confirm this resolves the console error you were seeing and also if possible test the user profile, password reset and new site install screens to verify password generation (plus show/hide and cancel when present) still works as expected?
This ticket was mentioned in Slack in #core by sarahricker. View the logs.
4 years ago
#16
@
4 years ago
Hey @adamsilverstein Yes that was my experience as well! Your patch also fixes the problem in a cleaner way, however do you know the history of that code you're removing? Wouldn't want to break something else unknown!
51613.diff Passed all concerns I'm aware of:
- user profile > generate password
- wp-login.php?action=rp
- wp-login.php
#17
@
4 years ago
#18
@
4 years ago
- Keywords 2nd-opinion added; needs-testing removed
Awesome, thanks @adamsilverstein! If @bookdude13 signs off on (51613.diff #662) then I'm good with moving forward on this one on my end.
#19
@
4 years ago
@adamsilverstein @sarahricker I haven't been active for a while, so not sure what's changed with the files involved in the patch since I made it. I removed that chunk in the 42852.4 patch, then re-added to the final patch because there was a noticeable delay when populating the password field in the profile page. If that delay isn't there anymore, then this should be fine.
#20
@
4 years ago
Hey @adamsilverstein and @sarahricker - thanks for working on this!
By removing the request it's okay.
#22
@
4 years ago
- Keywords commit added; dev-feedback 2nd-opinion removed
Awesome, thanks @ntsekouras! I think this is ready for commit then, @SergeyBiryukov @hellofromTonya
This ticket was mentioned in Slack in #core by hellofromtonya. View the logs.
4 years ago
hellofromtonya commented on PR #661:
4 years ago
#25
Merged in changeset https://core.trac.wordpress.org/changeset/49337
hellofromtonya commented on PR #662:
4 years ago
#26
Trac ticket closed with changeset https://core.trac.wordpress.org/changeset/49337 merge.
Hi there, welcome back to WordPress Trac! Thanks for the report.
When vising the login screen, I see a couple of jQuery Migrate warnings, but no errors:
Could you share some more details about the error you're seeing?