[wp-hackers] On overly-obscure passwords

John Blackbourn johnbillion+wp at gmail.com
Thu May 6 17:46:38 UTC 2010


On Thu, May 6, 2010 at 11:49 AM, kaiiser <24-7 at gmx.net> wrote:
> Hi list,
> The most problem our users had with pw-recovering mails was
> the automatic-link
> and the plain-text-mail: When you receive a plain-text mail in ex.
> microsoft outlook, then
> the recovery-link get's linked by outlook, but broken at white
> spaces.
> Ex: http://example.com/wp-login?action=rp&key=YcLmiYqDkXJWcDzG2mbl&login=Firstname
> Lastname.
> "Lastname" and the space don't get linked and the user comes to a 404-
> Page.

This is a bug in that case. The username should be URL encoded so it
gives you Firstname+Lastname or Firstname%20Lastname. I'll do a
ticket.


More information about the wp-hackers mailing list