[wp-hackers] Security: username as class in commenst
scribu
scribu at gmail.com
Tue Mar 10 22:37:24 GMT 2009
The author login is also written in the permalink structure which displays
posts by a certain author: http://example.com/author/author-login/
Can't you apply a filter to the function that generates the class and remove
the author if it might be a security concern in your case?
On Wed, Mar 11, 2009 at 12:12 AM, Frank Bueltge <frank at bueltge.de> wrote:
> Hello,
> the new comment-functions has the username of the author as class.
> please can you change this in the newxt release to the nickname.
>
> i think this is a problem for security.
>
> I hope you enjoy this.
> Frank
>
> http://bueltge.de/
> http://wpengineer.com/
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
--
http://scribu.net
More information about the wp-hackers
mailing list