Password protected posts / pages form action issue

[marcinkrzeminski]

Today I have found a bug in the starter-theme/templates/single-password.twig. I was getting 502 on WP Engine for password-protected pages and posts. After some research, it turned out that WP Engine is appending an extra query string to the action URL. Currently, we have:

<form action="{{ site.site_url }}/wp-login.php?action=postpass" method="post">

I was able to fix it by adding this piece of code in my single.php and page.php:

$context['form_action'] = esc_url( site_url( 'wp-login.php?action=postpass', 'login_post' ) );

Doing it this way allows hooks to alter the URL.

The form action field looks like this:

<form action="{{ form_action }}" method="post">

I got the idea from this issue: https://toolset.com/forums/topic/password-protected-post-bug-with-wpengine/

What do you think would be the best way to handle this? Is it better to provide a globally accessible variable like site.password_proteced_url or just modify the single.php and page.php as well as the templates/single-password.twig. Or maybe you have another suggestion? Let me know and I'll create a pull request.

[Levdbas]

PR at #118