Opened 11 years ago
Closed 11 years ago
#401 closed defect (bug) (wontfix)
Settings menu disappeared on Rosetta sites
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Component: | International Sites (Rosetta) | Keywords: | |
Cc: |
Change History (3)
#2
@
11 years ago
Which site specifically?
http://pt.wordpress.org, of which I am admin
some of the menus are set to not show to non-proxied users
When proxied it does show up, what's the exact rationale behind this? Is it documented somewhere?
#3
@
11 years ago
- Resolution set to wontfix
- Status changed from new to closed
Okay then, yeah, that's intentional. For security reasons any settings areas like that have to be going through the proxies for w.org. When you're not proxied, you're an "admin" but not a "super-admin".
In other words, you can't wear your cape unless you're also proxied.
I don't think it's actually documented anywhere, but it's been like that for at least 2 years. Probably longer. Maybe we'll lighten up on this when we go 100% SSL, but I doubt it.
The rationale is that a lot of us go to WordCamps or other places which are using unsecured WiFi, and if somebody snagged a caped user's password or cookie, then they'd still not be able to affect any major changes without also having our SSH keys for the proxy.
You could just call it plain old paranoia, if you prefer. :)
Which site specifically?
Also, are you proxied? I believe that some of the menus are set to not show to non-proxied users, regardless of admin status.