[wp-trac] [WordPress Trac] #49110: Add ability to lock/restrict public REST API access from WP Admin
WordPress Trac
noreply at wordpress.org
Tue Dec 31 17:01:06 UTC 2019
#49110: Add ability to lock/restrict public REST API access from WP Admin
-------------------------+------------------------------------------------
Reporter: apedog | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version:
Severity: normal | Resolution:
Keywords: | Focuses: administration, rest-api, privacy
-------------------------+------------------------------------------------
Comment (by knutsp):
Non-technical users of WordPress might not even know that their:
* published posts are accessible when not visible or linked to from the
home page
* published posts are accessible through XML (RSS/Atom) feed
* published posts are accessible through XML-RPC API
What makes REST API so special, or should WordPress just warn that it is
publishing platform?
As for meta data, I have had the impression they are not available in APIs
unless explicitly made public through registering the keys as such?
All interfaces/formats/APIs, HTML, XML, JSON (RPC/REST) was introduced by
decisions, not options.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/49110#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list