[wp-trac] [WordPress Trac] #49110: Add ability to lock/restrict public REST API access from WP Admin
    WordPress Trac 
    noreply at wordpress.org
       
    Thu Jan  2 12:50:47 UTC 2020
    
    
  
#49110: Add ability to lock/restrict public REST API access from WP Admin
-------------------------+------------------------------------------------
 Reporter:  apedog       |       Owner:  (none)
     Type:  enhancement  |      Status:  new
 Priority:  normal       |   Milestone:  Awaiting Review
Component:  REST API     |     Version:
 Severity:  normal       |  Resolution:
 Keywords:               |     Focuses:  administration, rest-api, privacy
-------------------------+------------------------------------------------
Comment (by apedog):
 >When first digging into WordPress, many years ago, I remember I was a bit
 surprised RSS feeds was also available for any archive, just by adding
 /feed to the URL. Should I have expected it not to, based on the fact that
 I had edited the template?
 Good point. The Admin area links to ample documentation regarding RSS -
 had you wanted those questions answered.
 The same should be afforded to REST API. Preferably from a similar
 settings page, if not from the exact same page.
 >I even deleted such template, but still the index.php took over. I
 understood one ting quit early: Must learn more, or else I don't know what
 I am really doing, so far.
 I absolutely relate to this attitude. I completely agree with your point.
 That is the impetus behind this ticket. To facilitate exactly that kind of
 understanding and access. As it stands, REST is hidden from an admin user.
 It exists as ''external-only'' documentation, and is thus implicitly only
 targeted at developers interested in using it. Not at site admins.
 >An overview of how content may be accessed through different interfaces
 and formats will be a good thing, if not already there. This may be linked
 to from admin.
 That is a must (IMO)
 Some measure of control would also be a positive addition. In much the
 same way the WP Admin area allows minimal control of permalinks and
 rewrite rules.
-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/49110#comment:11>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
    
    
More information about the wp-trac
mailing list