search

Automattic / jetpack

Security, performance, marketing, and design tools — Jetpack is made by WordPress experts to make WP sites safer and faster, and help you grow your traffic.
https://jetpack.com/
Other
1.59k stars 800 forks source link

Subscription block defaults to logged-in WordPress.com user #36474

Closed foleynotrose closed 2 months ago

foleynotrose commented 6 months ago

Impacted plugin

Jetpack

Quick summary

If you're logged in to a WordPress.com account and try to subscribe to a website, that account takes over the subscription regardless of the email address you put into the subscribe block.

Might be related to this issue? https://github.com/Automattic/jetpack/issues/39267

Steps to reproduce

  1. Log in to a WordPress.com
  2. Sign up to any blog with a different email address.

Might be related to this issue? https://github.com/Automattic/jetpack/issues/39267

A clear and concise description of what you expected to happen.

I expect to get a confirmation modal indicating the email address I tried to sign up with, as well as a confirmation email to that address.

What actually happened

  1. The confirmation modal pops up with the email address for the account I am logged in to.
  2. I get no confirmation email.
  3. However, I am automatically subscribed to that blog, without having confirmed via email.

When trying to subscribe via an incognito window, it works as expected.

Impact

All

Available workarounds?

Yes, difficult to implement

Platform (Simple and/or Atomic)

No response

Logs or notes

No response

jeherve commented 6 months ago

I cannot seem to reproduce on my end. The block sends the confirmation email to the right address.

You can, however, run into an issue when confirming your subscription, as outlined in Automattic/wp-calypso#5407

Is that what you're experiencing, maybe?

danjjohnson commented 6 months ago

I think this may be fixed already here? https://github.com/Automattic/jetpack/issues/35245#issuecomment-1992508364

foleynotrose commented 6 months ago

@danjjohnson thanks for linking that issue; i didn't find it on my initial search.

I'm still seeing the behavior though. So if it was fixed, it may have become unfixed.

foleynotrose commented 6 months ago

Also reported here: https://github.com/Automattic/jpop-issues/issues/8913

jeherve commented 6 months ago

I was finally able to reproduce, but only in Google Chrome; I did not experience the issue in Firefox.

@simison Would that fall on your radar or on Apex's (or someone else)?

Thank you!

simison commented 6 months ago

Yep, Zap 👍

This works as expected but UX can be improved.

Kind of edge case, we can improve the case when your email confirmation link is for another email than the one you’re logged in at .com already.

We could probably just pause before confirming subscription, and check what they want to do.

Otherwise we also might create two subscribers on the site — one confirmed WP.com account one) and one pending (the original email they entered).

foleynotrose commented 6 months ago

This works as expected but UX can be improved.

@simison is it expected that the logged-in user would just automatically be subscribed to the blog, without having to click on an email confirmation?

simison commented 6 months ago

@foleynotrose if we can see they're logged in, yes we subscribe them without confirmations. We can really see only if they're at sites with .wordpress.com subdomain.

simison commented 6 months ago

7918212-zd-a8c

github-actions[bot] commented 6 months ago

Support References

This comment is automatically generated. Please do not edit it.

saginpj commented 4 months ago

I can replicate the same issue on Chrome. Please see the screencast below.

bug-subscribe

lsl commented 2 months ago

Can't repro, emails go to email specified, not wpcom user, guessing fixed by D111165-code or related per https://github.com/Automattic/jetpack/issues/39267