WordPress.org
Get WordPress

Make WordPress Core

Opened 3 years ago

Last modified 3 months ago

#52977 new defect (bug)

Consider using basic auth in https healh check.

Reported by: peterwilsoncc's profile peterwilsoncc Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 5.7
Component: Site Health Keywords: dev-feedback has-patch
Focuses: Cc:

Description

If the WordPress dashboard is behind basic auth, in some checks the site health component will pass the authentication through to background HTTP requests (the wp-cron tests does this for example).

The https detection test does not do this, it would be worth discussing whether it should:

  • always do this
  • send a second request with basic auth if the first request fails
  • something similar not listed here :)

Follow up to #52783.

Change History (3)

#1 @TimothyBlynJacobs
3 years ago

I think it'd be worth always doing this.

This ticket was mentioned in PR #5171 on WordPress/wordpress-develop by @Michi91.
3 months ago #2

  • Keywords has-patch added

See https://core.trac.wordpress.org/ticket/52977

#3 @Michi91
3 months ago

  • Keywords dev-feedback added

Created a patch. It works the same style as the other loopback tests.

I tested it in my local test enviroment and it works like a charme :-)
With enabled basic auth, 'Authorization' header is set and part of the https loopback request

Note: See TracTickets for help on using tickets.