Forum Password Reset link is wrong

  • lalwende

    (@lalwende)


    7 years, 10 months ago

    Greetings,

    I tried to log into WordPress.org after some time and I forgot my password. It happens, that’s what the various reset password functions are for 🙂 Unfortunately there is a bug with link you send in the email requesting a reset. Modified quote from the email:

    To reset your password, visit the following address:

    <https://login.wordpress.org/wp-login.php?action=rp&key=XXxxxXXxxXXxx&login=xxXxxXx&gt;

    The programme that sends the email underlines the link starting from https: BUT! ends it with > and thus when I was clicking the link I was getting invalid key error. I have spotted the issue (obviously, otherwise I couldn’t have been posting this ;)) and I thought I might notify you about it as some people might encounter the same bug.

    Have a good one!

Viewing 6 replies - 1 through 6 (of 6 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    7 years, 10 months ago

    Interesting. I tested this and the link is clickable and correct with my mail client (Thunderbird) and when clicked using gmail (on the web). What mail client are you using?

    Thread Starter lalwende

    (@lalwende)

    7 years, 10 months ago

    I was not using a client but logged through the web to my email account. The &gt part of the link above is the > that was still underlined (and it shouldn’t be). It’s curious that this is not easily reproduced. I didn’t encounter this issue with other platforms when I needed to reset a password, but it could be that the > at the end made the website client show me the link incorrectly.

    Thank you for verifying, at least it’s not a common issue!

    Moderator Samuel Wood (Otto)

    (@otto42)

    WordPress.org Admin

    7 years, 10 months ago

    This is actually the same password reset process that the WordPress core itself uses. The link is indeed surrounded by < > marks, but I’ve never seen an email client which makes those part of the link itself.

    If you can reproduce this, or find cases where the link is incorrect, then it might be worth bringing it up as a core ticket, to change WordPress to have spaces surrounding that, to prevent such issues.

    indigobg

    (@indigobg)

    7 years, 5 months ago

    Exactly! I have the same problem, I’m searching since 3 days how to fix this. WIth gmail the link works, but with others like abv.bg “>” is shown like a part from the link and thats why the link is not working … Somebody must put a space there, this cause me a big problem, my customers can not reset their passwords.

    indigobg

    (@indigobg)

    7 years, 5 months ago

    Or how can we edit it?

    • This reply was modified 7 years, 5 months ago by indigobg.
    indigobg

    (@indigobg)

    7 years, 5 months ago

    This is the answer!
    https://wordpress.org/plugins/custom-forgot-mail/

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Forum Password Reset link is wrong’ is closed to new replies.