[wp-hackers] Security at Wordpress
elharo at metalab.unc.edu
Sat Apr 22 11:44:19 GMT 2006
Robert Deaton wrote:
> Think about every area in the admin panel where it makes sense to use
> a normal link instead of a form button to do things. Let's take the
> manage posts page, where the Delete action is one that uses GET to
> carry out an action. Now, let's think about a cross browser way to
> a form with a submit button, but that doesn't match all the other
> links to do things on the page, and it'd look completely wrong if we
> changed everything to submit buttons. Oh wait, we can style that with
> CSS? You're leaving a few browsers out. So now what do we have? An
> ugly interface, which will surely raise more eyebrows, to fix a
> problem that has a different solution.
There's a very good reason to make the DELETE action look different. It
is not side-effect free, unlike a lot of the other actions. The user
should see a visual distinction that clues them in that something is
different about this action they're abut to take. Having delete look
different is a feature, not a bug.
> As far as I'm concerned, until there is a solution that makes sense
> for this problem, I'm fine with abusing the HTTP standard.
It sounds like you're happy living in a house that will fall down when
someone leans on the wrong corner as long as you get to paint the
molding in just the right shade of puce. Frankly I find that attitude
incomprehensible, though lord knows I've seen enough of it over the last
just how we're wired. Some people focus on the external appearance and
some focus on the internal architecture, and neither will ever
understand or comprehend the other.
The best you can hope for is a decoupling of the internal architecture
from the external appearance so that one can be changed without
affecting or limiting the other. To a large extent that's what CSS and
XForms attempt to provide on the Web. Unfortunately we're not all the
way there yet.
For me at least, until we are, I'm much more concerned about getting the
architecture right to provide the security, scalability, and robustness
I want out of a web app. I can live with a site where the delete link
looks a tad funky. I can't live with a site where any contributor or
commenter can delete a post they don't like.
Elliotte Rusty Harold elharo at metalab.unc.edu
XML in a Nutshell 3rd Edition Just Published!
More information about the wp-hackers