didoo

Well done! Now it works. Thanks.

PS: can I use this development version in production, or better to wait an official release?

No, with the “Password Protected Page” plugin there must be some kind of incompatibility or wrong url-redirection.

Now the draft/preview url is handled correctly:
/?post_type=training&p=477&preview=true
and it shows the correct custom-post-type page.

But not all urls are handled correctly. Using a plugin like the “Password Protected Page” (same clean installation) and calling the homepage redirects to an infinite-loop. Here you can find the HTTP dump:

GET / HTTP/1.1

HTTP/1.1 302 Found
Location: https://www.domain.loc/it/

————

GET /it/ HTTP/1.1

HTTP/1.1 302 Found
Location: https://www.domain.loc?password-protected=login&redirect_to=http%3A%2F%2Fwww.domain.loc%2Fit%2F

————

GET /?password-protected=login&redirect_to=http%3A%2F%2Fwww.domain.loc%2Fit%2F HTTP/1.1

HTTP/1.1 302 Found
Location: https://www.domain.loc/it/

————

GET /it/ HTTP/1.1

HTTP/1.1 302 Found
Location: https://www.domain.loc?password-protected=login&redirect_to=http%3A%2F%2Fwww.domain.loc%2Fit%2F

————

GET /?password-protected=login&redirect_to=http%3A%2F%2Fwww.domain.loc%2Fit%2F HTTP/1.1

and so on…