[wp-trac] [WordPress Trac] #37332: Enhancement: Add a wrong password message on password protected posts

WordPress Trac noreply at wordpress.org
Fri Jan 17 22:28:23 UTC 2025 

#37332: Enhancement: Add a wrong password message on password protected posts
-------------------------------------------------+-------------------------
 Reporter:  henry.wright                         |       Owner:  joedolson
     Type:  defect (bug)                         |      Status:  accepted
 Priority:  normal                               |   Milestone:  6.8
Component:  Posts, Post Types                    |     Version:  4.5.3
 Severity:  normal                               |  Resolution:
 Keywords:  has-patch needs-testing has-         |     Focuses:
  testing-info                                   |  accessibility
-------------------------------------------------+-------------------------
Changes (by joedolson):

 * keywords:  has-patch => has-patch needs-testing has-testing-info


Comment:

 This new patch adds a number of accessibility features:

 1) Adds `role="alert"` to the error message so its announced by screen
 readers on load.
 2) Adds `aria-describedby` to the input field so the error is associated
 with the password field.

 Additionally, this patch revises the filters in the previous patch so
 that:

 1) The same filter isn't executed twice with different arguments
 2) The HTML is not part of the text filter, only the message itself.

 Last, this adds some additional wrappers & classes to improve styling
 options and moves the error message inside the form element, and changes
 the terminology to use 'invalid' instead of 'incorrect'.

 I gave some thought to the edge case described above, but it's fairly
 difficult to resolve without significant changes to how post passwords are
 handled, and I'm not sure they're justified. In addition, I'm not sure
 that the edge case is necessarily wrong; the post password has been saved
 as a cookie, and that post password is, indeed, invalid.

 To test:

 1) Create a post and assign it a password.
 2) From the front-end, enter the wrong password.
 3) Confirm that the text 'Invalid Password' appears; that there is an
 `aria-describedby` attribute connecting the password input to the error
 message, and a `role="alert"` on the error message.
 4) Confirm that entering the correct password works as before.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/37332#comment:10>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list