[wp-hackers] Security: username as class in commenst

scribu scribu at gmail.com
Tue Mar 10 22:37:24 GMT 2009

The author login is also written in the permalink structure which displays
posts by a certain author: http://example.com/author/author-login/

Can't you apply a filter to the function that generates the class and remove
the author if it might be a security concern in your case?

On Wed, Mar 11, 2009 at 12:12 AM, Frank Bueltge <frank at bueltge.de> wrote:

> Hello,
> the new comment-functions has the username of the author as class.
> please can you change this in the newxt release to the nickname.
> i think this is a problem for security.
> I hope you enjoy this.
> Frank
> http://bueltge.de/
> http://wpengineer.com/
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers


More information about the wp-hackers mailing list