WordPress.org

Ready to get started?Download WordPress

Forums

XML-RPC read-only (1 post)

  1. mc007
    Member
    Posted 1 year ago #

    hi,

    we're 3th party contributors and noticed that the RPC server throws an error "Sorry, you must be able to edit posts on this site in order to view categories."

    Investigating this turned out that there are pretty brutal things done in the XML-RPC code :

    if ( !current_user_can( 'edit_posts' ) )

    return new IXR_Error( 401, __( 'Sorry, you must be able to edit posts on this site in order to view categories.' ) );

    This seems a kind of lazy and inappropriate in this matter.

    Now the question is, is this really on purpose and what are the impacts when we remove the "if ( !current_user_can( 'edit_posts' ) )"
    - check for read-only access ?

    Thank you,
    g

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags