[wp-hackers] Security at Wordpress

Owen Winkler ringmaster at midnightcircus.com
Mon Apr 24 12:08:01 GMT 2006

Andy Skelton wrote:
> If you only moved certain actions (e.g. delete post) out of the GET
> domain while leaving others alone (e.g. comment moderation) you'd
> probably have more luck getting your code committed.

Also note that this is a mock-up, not a patch to the code.  A patch to 
do just what we see here would probably have been less work.

Does this look reasonable in Safari?  That's where I hear there are 
problems, though I haven't looked at it there myself yet.

Strange that all of the POST proponents hadn't written a patch for this 
already - it might have been less overall work than the bluster they've 
created, and it might already have been committed by now.


More information about the wp-hackers mailing list