#59920 closed defect (bug) (invalid)
wp.preferences causes continuous Basic Auth prompts
Reported by: | orestissam | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | Script Loader | Keywords: | |
Focuses: | Cc: |
Description
With the release of WordPress 6.1, the @wordpress/preferences
package was also introduced to appropriately persist editors' UI preferences in user meta. This was backported to core with the [54182] changeset.
The wp-preferences
inline script makes a call to the /wp-json/wp/v2/users/me
endpoint, which for unauthenticated users (correctly) triggers a HTTP 401 error.
The problem this causes is that, for websites that use Basic Auth, the 401 error will cause the browser's HttpAuthCache entry to be removed. This will in turn cause a Basic Auth prompt to be shown again for the next request (either the next page load or lazy-loaded images, AJAX calls etc) which makes navigating and using the website time-consuming and annoying.
Since the preferences' persistence logic only applies to editors, a possible fix for this would be to prevent enqueuing of the wp-preferences
script for non logged-in users.
Change History (4)
#2
@
11 months ago
- Keywords close added
Due to lack of replication information, I am going to suggest that this is closed as it does not appear to be a bug in WordPress core.
Hi @orestissam, thanks for the ticket.
Can you provide instructions on how to replicate this? Using the twenty-twenty-four theme and no plugins, I don't see the preferences JS enqueued on the front end. It might be the case that some code in your theme and/or plugins is enqueuing this JS without considering the side effects that you've discovered.