Making WordPress.org

Opened 2 years ago

Closed 11 months ago

#6635 closed defect (bug) (fixed)

Pressing enter on a field in the plugin admin to save the plugin, causes the plugin to be disabled

Reported by: dd32's profile dd32 Owned by: dd32's profile dd32
Milestone: Priority: normal
Component: Plugin Directory Keywords:
Cc:

Description

If you hit enter on a field to save changes within the plugin directory admin, it marks the plugin as disabled due to security.

This is likely because the Disable plugin button is the first on the form, with type="submit".

These buttons should not be the default action and should only be the submitting button if they're clicked intentionally.

Change History (2)

#1 @dd32
18 months ago

  • Can also cause the reviewer to be auto-assigned to the current user
  • Causes new plugins to move to pending (and there's no UI for a reviewer to reset it back to new)

#2 @dd32
11 months ago

  • Owner set to dd32
  • Resolution set to fixed
  • Status changed from new to closed

In 13134:

Plugin Directory: Admin: Include a hidden submit button that only submits the form, and doesn't perform actions.

This is needed as the controls include a variety of submit buttons that cause actions to occur, and pressing enter in a form field such as the slug would cause the first submit button to be used.

Fixes #6635.

Note: See TracTickets for help on using tickets.