[wp-trac] [WordPress Trac] #7379: Revisions of Autosaves
WordPress Trac
wp-trac at lists.automattic.com
Tue Jul 22 21:39:26 GMT 2008
#7379: Revisions of Autosaves
----------------------+-----------------------------------------------------
Reporter: thomask | Owner: anonymous
Type: defect | Status: new
Priority: high | Milestone: 2.6.1
Component: Security | Version:
Severity: major | Keywords: revisions, autosave
----------------------+-----------------------------------------------------
see http://lesterchan.net/wordpress/2008/07/17/how-to-turn-off-post-
revision-in-wordpress-26
This problem does not only affect performance, but also got security
issues:
you can e.g. copy to the article the partialy secret data and then you
want to delete the secret parts, but with this autosave revisions bug,
your secret data are stored in the database and everyone
(editors/admins...) can reach them!
Both functions are fine, but there should be no revisions of autosaves!
--
Ticket URL: <http://trac.wordpress.org/ticket/7379>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list