Opened 20 months ago
Last modified 20 months ago
#57707 new defect (bug)
Issue with "Add New Application Password" in profile page leading to empty error message
Reported by: | king-a-s | Owned by: | |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | 6.1.1 |
Component: | Application Passwords | Keywords: | reporter-feedback |
Focuses: | javascript, administration | Cc: |
Description
The issue I would like to report is in the profile page. When I try to "Add New Application Password", the request goes to the link
"Site Address (URL)/wp-json/wp/v2/users/1/application-passwords?_locale=user"
instead of the link
"WordPress Address (URL)/wp-json/wp/v2/users/1/application-passwords?_locale=user".
As a result, an empty error message appears if the "Site Address" is different from the "WordPress Address".
Change History (5)
#3
in reply to:
↑ 2
;
follow-up:
↓ 4
@
20 months ago
Replying to peterwilsoncc:
Hi @king-a-s and welcome to trac!
That the REST API is relative to the site address is the correct behavior. The
/wp-json/*
endpoints are rewritten based on the site address.
I've attempted to reproduce the issue in an install with a different site and WordPress url and am unable to do so. The application passwords are created as expected.
Are you able to reproduce the issue on a new WordPress install running a default theme (such as Twenty Twenty Three) and no plugins?
Thanks
Dear @peterwilsoncc
Thank you for your response, however, the issue still exists. It maybe because I am not using both options correctly as intended.
I expect the REST API must follow the WordPress URL, which should be the correct behavior.
From what I understand, I have a website: https://mysitename.com which I have designated as the Site Address (URL). And I have WordPress installed at https://mysitename.com/wp which I have designated as the WordPress Address (URL).
For example, I either:
Use WordPress only as a blog for a website.
or
Use WordPress as a headless CMS and connect it to main website.
So when I enter the dashboard, it will be at https://mysitename.com/wp/wp-admin and the REST API will be at https://mysitename.com/wp/wp-json. And the website link will be displayed to users at https://mysitename.com, which I believe is the correct link.
However, in the case I am facing, the application-passwords are going to https://mysitename.com/wp-json instead of https://mysitename.com/wp/wp-json.
I apologize for the lengthy explanation but to get my point across.
Thank you.
#4
in reply to:
↑ 3
;
follow-up:
↓ 5
@
20 months ago
- Component changed from General to Application Passwords
Replying to king-a-s:
However, in the case I am facing, the application-passwords are going to https://mysitename.com/wp-json instead of https://mysitename.com/wp/wp-json.
This is the intended behavior, the rest api is a front end resource and intended to be relative to the public facing url. This has been the case since the introduction of the rest api so isn't something that WordPress is able to change.
What I am trying to ascertain is whether you see the empty errors when attempting to create an application password using a copy of WordPress running in a sub-directory using a default theme and without any plugins?
#5
in reply to:
↑ 4
@
20 months ago
Replying to peterwilsoncc:
What I am trying to ascertain is whether you see the empty errors when attempting to create an application password using a copy of WordPress running in a sub-directory using a default theme and without any plugins?
Yes the case I'm telling you about is as you say, a copy of WordPress without any plugins and using a default theme.
WordPress files in a sub-directory (public_html/wp) - https://mysitename.com/wp
but in "General Settings" I set
https://mysitename.com/wp for "WordPress Address (URL)"
and
https://mysitename.com/ for "Site Address (URL)"
thankyou.
Hi @king-a-s and welcome to trac!
That the REST API is relative to the site address is the correct behavior. The
/wp-json/*
endpoints are rewritten based on the site address.I've attempted to reproduce the issue in an install with a different site and WordPress url and am unable to do so. The application passwords are created as expected.
Are you able to reproduce the issue on a new WordPress install running a default theme (such as Twenty Twenty Three) and no plugins?
Thanks