Make WordPress Core

Opened 14 years ago

Closed 14 years ago

Last modified 14 years ago

#7192 closed defect (bug) (duplicate)

Password recovery key must not contain hash # character

Reported by: mastermind's profile mastermind Owned by:
Milestone: Priority: normal
Severity: blocker Version: 2.5.1
Component: Administration Keywords:
Focuses: Cc:


On a site where I was registered, I tried to retrieve a new password. The activation URL was like:

When calling the URL, the WP install told me the key was invalid -- obviously, because the hash and the part thereafter are not sent to the server, but are interpreted as anchor. Encoding the hash as %23 didn't help neither; I assume this is because the respective function does not urldecode() the key.

Change History (2)

#1 @DD32
14 years ago

  • Resolution set to duplicate
  • Status changed from new to closed

see #6842

#2 @thee17
14 years ago

  • Milestone 2.6 deleted
Note: See TracTickets for help on using tickets.