[wp-hackers] Re: Proposal: Add a Privacy Option: Anonymise Updates

Christian Höltje docwhat+list.wp.hackers at gerf.org
Thu Sep 27 15:32:50 GMT 2007


* Viper007Bond (viper at viper007bond.com) [070927 02:46]:
> On 9/26/07, Travis Snoozy <ai2097 at users.sourceforge.net> wrote:
> > On Wed, 26 Sep 2007 23:58:52 -0400, "Austin Matzko"
> > <if.website at gmail.com> wrote:
> > For the time being, this cuts out all potentially-sensitive data
> > (language, PHP version, charset preferences)
> 
> Huge -1 to that, mainly the PHP version. I'm fine with plugins
> disabling sending that, but if we don't send that with the core, then
> that's a lot of very important statistics lost (i.e. if we only
> support PHP5, what % of users would be affected?).
> 
> And what's the harm in sending PHP version anyway? You're REALLY
> paranoid if you think that's a security risk and if for some reason it
> is, then you have bigger problems (i.e. upgrade your PHP version).

I don't think it's worth blocking PHP version, since the PHP version
is sent with every HTTP response on the blog.

BTW: A bunch of this is done already in bugs 5065 and 5085.

Ciao!

links:
http://trac.wordpress.org/ticket/5065
http://trac.wordpress.org/ticket/5085


-- 
Star Wars is adolescent nonsense; Close Encounters is obscurantist drivel; Star Trek can turn your brains to puree of bat guano; and the greatest science fiction series of all time is Doctor Who!  And I'll take you all on, one-by-one or all in a bunch to back it up!
	 -- Harlan Ellison

The Doctor What: Kaboom!                         http://docwhat.gerf.org/
docwhat *at* gerf *dot* org                                        KF6VNC


More information about the wp-hackers mailing list