Upgrade/Install/Users: Prevent JS bug filling new passwords.

A JavaScript race condition was throwing an error and preventing passwords from being set if the zxcvbn library loaded earlier than expected. This could prevent the installation of WordPress or the creation/updating of user accounts. Props adi64bit, afragen, agepcom, audrasjb, bedas, brookedot, cbigler, charlyox, costdev, desrosj, drago239, Eric3D, espiat, jadpm, jrf, justinahinon, kubiq, lkraav, michelangelovandam, mirkolofio, mkox, peterwilsoncc, poena, sbossarte, sebastienserre, SergeyBiryukov, Synchro, thomasplevy, walbo, waterfire, wpmakenorg. Fixes #53974, #52086. git-svn-id: https://develop.svn.wordpress.org/trunk@53122 602fd350-edb4-49c9-b593-d223f7449a82
2026-06-28 14:20:15 +00:00 · 2022-04-11 04:27:11 +00:00
parent ede9cc629d
commit 59b4b3e6a6
1 changed files with 11 additions and 0 deletions
--- a/src/js/_enqueues/admin/user-profile.js
+++ b/src/js/_enqueues/admin/user-profile.js
@@ -32,6 +32,13 @@
 			showOrHideWeakPasswordCheckbox();
 		}

+		/*
+		 * This works around a race condition when zxcvbn loads quickly and
+		 * causes `generatePassword()` to run prior to the toggle button being
+		 * bound.
+		 */
+		bindToggleButton();
+
 		// Install screen.
 		if ( 1 !== parseInt( $toggleButton.data( 'start-masked' ), 10 ) ) {
 			// Show the password not masked if admin_password hasn't been posted yet.
@@ -82,6 +89,10 @@
 	}

 	function bindToggleButton() {
+		if ( !! $toggleButton ) {
+			// Do not rebind.
+			return;
+		}
 		$toggleButton = $pass1Row.find('.wp-hide-pw');
 		$toggleButton.show().on( 'click', function () {
 			if ( 'password' === $pass1.attr( 'type' ) ) {