[wp-testers] It is a bug here??
Aaron D. Campbell
aaron at xavisys.com
Tue Apr 15 13:37:55 GMT 2008
You can't view the source of those files, what you see for example when
you go to http://xavisys.com/wp-includes/js/tinymce/tiny_mce_config.php
is the Javascript that this file is supposed to be outputting. If you
compare that to the actual contents of the file, you will see the
difference. In short, as long as your server is parsing PHP and not
sending the entire contents of the file to the browser, you should be
fine. If it worries you, you could add some deny rules to your .htaccess
crime_genius86 wrote:
> http://www.yourdomain.com/wp-includes
> you can directly open here, and may view all of the source file..
>
> http://www.yourdomain.com/wp-includes/js/tinymce/tiny_mce_config.php
> http://www.yourdomain.com/wp-content/themes/
>
> it is normal people can view this? or we must fix it up??
>
> [crime_genius86]
More information about the wp-testers
mailing list