Timothy Jacobs

@budley We're pushing a fix to add the `noopener` `rel` to links instead of using blankshield for browsers that support the `noopener` property.

FYI: https://groups.google.com/forum/#!topic/google-chart-api/rZtHTyYgyXI Google's Charts QR API is shutting down permanently on March 14.

This also effects `curl_multi_init` in `request_multiple`.

How about introducing a `wp_is_allowed_application_password_redirect_url()` function that would accept a URL and return a `WP_Error`? By default, we'd reject `http`, but the function would be filterable.

A basic `wp_die` form of this was implemented in https://github.com/WordPress/wordpress-develop/pull/540/commits/bd57332c6b11368b47fc12b1a8b12eb290dfe42f.

Hi @atalon-kn, If you are using WordPress 5.6+ there is no need to use the Application Passwords plugin anymore, as the feature has been merged into core.

One major way this could change would be to use similar styling to `wp-login.php` as suggested by @aristath. @georgestephanis mentioned: > I do kinda wanna make it obvious that the...

The authorized message has changed slightly to follow the notice styling. 

Thanks for looking into it!

Thank you!