[wp-trac] [WordPress Trac] #39854: REST API: Add gmt_offset to base /wp-json response

WordPress Trac noreply at wordpress.org
Mon Feb 27 00:31:11 UTC 2017


#39854: REST API: Add gmt_offset to base /wp-json response
-------------------------------------------------+-------------------------
 Reporter:  jnylen0                              |       Owner:  jnylen0
     Type:  enhancement                          |      Status:  accepted
 Priority:  normal                               |   Milestone:  4.8
Component:  REST API                             |     Version:  4.7
 Severity:  normal                               |  Resolution:
 Keywords:  needs-unit-tests needs-refresh dev-  |     Focuses:  rest-api
  feedback needs-patch                           |
-------------------------------------------------+-------------------------
Changes (by rmccue):

 * keywords:  has-patch needs-unit-tests needs-refresh dev-feedback =>
     needs-unit-tests needs-refresh dev-feedback needs-patch


Comment:

 Strong -1 on `is_user_logged_in()`, we should always be checking
 authorization (capabilities) not authentication (presence of user).

 Why do we need to restrict this in any case? I see no potential security
 or privacy issues in exposing this.

 Also, if we expose `gmt_offset`, we should also expose `timezone_string`.
 The former is not stable (i.e. it changes regularly in timezones with
 daylight savings), and the latter is the only real one you can depend on
 over time.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/39854#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list