[wp-hackers] WordPress 2.0.3 Tuneup Plugin

Computer Guru computerguru at neosmart.net
Sun Jun 4 09:47:30 GMT 2006


OK, I will try that out.
Yes, the nonce bugs are reproducible as far as the AYS page goes. I thought
it was a "feature" at first, hence my lack of reporting.
But, yeah, the redirect and slashing I have yet to see... and I have tens of
comments a day to change on my blog... However:

Did you ever see the dialog box I'm talking about? I think it was the 2.0.3
codebase, basically on clicking "edit" for a comment, and then I get a popup
box with a message in it... can't for the life of me remember what was in
it, I'll see if I can track it down.

Computer Guru
NeoSmart Technologies
http://neosmart.net/blog/


-----Original Message-----
From: wp-hackers-bounces at lists.automattic.com
[mailto:wp-hackers-bounces at lists.automattic.com] On Behalf Of Mark Jaquith
Sent: Sunday, June 04, 2006 12:23 PM
To: wp-hackers at lists.automattic.com
Subject: Re: [wp-hackers] WordPress 2.0.3 Tuneup Plugin

On Jun 4, 2006, at 3:57 AM, Computer Guru wrote:

> But the problem is that not everyone can reproduce these bugs, Mark.

The Nonce bugs are, by their nature, 100% reproducible.

The AYS slashing bug *should* be 100% reproducible.  WP includes code to
normalize things like register_globals and magic quotes.  To test, edit a
comment with a regular straight quote in it (using stock 2.0.3 and not
having my plugin enabled).  You should get (a) AYS dialog and then (b)
slashes before any straight quotes in the comment.

The only one I'm not so sure about is the comment editing redirection bug.
You'll have to talk to Michael Adams about that, he reported it.

--
Mark Jaquith
http://txfx.net/

