[wp-trac] [WordPress Trac] #63943: Post Passwords over 255 are not controlled in Quick Edit, nor reported Server Level.

WordPress Trac noreply at wordpress.org
Sun Sep 7 21:40:42 UTC 2025 

#63943: Post Passwords over 255 are not controlled in Quick Edit, nor reported
Server Level.
-------------------------------------------------+-------------------------
 Reporter:  SirLouen                             |       Owner:  rishabhwp
     Type:  defect (bug)                         |      Status:  assigned
 Priority:  normal                               |   Milestone:  Future
                                                 |  Release
Component:  Quick/Bulk Edit                      |     Version:  4.7
 Severity:  normal                               |  Resolution:
 Keywords:  has-patch has-unit-tests changes-    |     Focuses:
  requested report-upstream                      |
-------------------------------------------------+-------------------------
Changes (by SirLouen):

 * keywords:  has-patch has-unit-tests => has-patch has-unit-tests changes-
     requested report-upstream
 * owner:  (none) => rishabhwp
 * status:  new => assigned
 * milestone:  Awaiting Review => Future Release


Comment:

 From the testing side, it looks good.

 I had to open the `maxlength` to check this

 [[Image(https://i.imgur.com/cq26m2L.png)]]

 Also in Gutenberg, as expected, the error

 [[Image(https://i.imgur.com/Iu9SG7o.png)]]
 Maybe this could follow up with a patch for API/Gutenberg to show the
 right message.

 And the error in the Post Editor as expected also

 [[Image(https://i.imgur.com/rByZJss.png)]]

 For the code review part: For the error section, I would set something
 like `invalid_post_password_length` to be more explicit. Also, you don't
 need to add the `Error:` in front of the sentence.

 For the test, try to keep it simpler and remove all the assertions that
 are not really straight to the point. We all know that when you use an AI
 to assist you in building the unit tests, it adds too much fluff, but you
 have to try to walk the extra mile and clean them up to go straight to the
 point with the minimal and best possible selection of asserts.

 And even more importantly, check (I have not checked) if you are not
 repeating tests. For example, we can be 100% sure that there is no check
 for the `WP_Error` because we are creating it in this patch. But are you
 completely sure there are no other tests already checking the validity of
 a `post_password`?

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/63943#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list