[wp-trac] [WordPress Trac] #7379: Revisions of Autosaves
    WordPress Trac 
    wp-trac at lists.automattic.com
       
    Tue Jul 22 21:39:26 GMT 2008
    
    
  
#7379: Revisions of Autosaves
----------------------+-----------------------------------------------------
 Reporter:  thomask   |       Owner:  anonymous          
     Type:  defect    |      Status:  new                
 Priority:  high      |   Milestone:  2.6.1              
Component:  Security  |     Version:                     
 Severity:  major     |    Keywords:  revisions, autosave
----------------------+-----------------------------------------------------
 see http://lesterchan.net/wordpress/2008/07/17/how-to-turn-off-post-
 revision-in-wordpress-26
 This problem does not only affect performance, but also got security
 issues:
 you can e.g. copy to the article the partialy secret data and then you
 want to delete the secret parts, but with this autosave revisions bug,
 your secret data are stored in the database and everyone
 (editors/admins...) can reach them!
 Both functions are fine, but there should be no revisions of autosaves!
-- 
Ticket URL: <http://trac.wordpress.org/ticket/7379>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
    
    
More information about the wp-trac
mailing list