[wp-trac] Re: [WordPress Trac] #9164: #6871 Regression for Plugin
Dir
WordPress Trac
wp-trac at lists.automattic.com
Wed Feb 18 20:48:38 GMT 2009
#9164: #6871 Regression for Plugin Dir
--------------------------+-------------------------------------------------
Reporter: hakre | Owner: ryan
Type: defect (bug) | Status: new
Priority: high | Milestone: 2.7.2
Component: Security | Version: 2.7
Severity: normal | Keywords: 2nd-opinion dev-feedback
--------------------------+-------------------------------------------------
Changes (by DD32):
* keywords: => 2nd-opinion dev-feedback
* version: => 2.7
Comment:
First up, How did #6871 cause a regression? Or was it simply another
vector that was ignored?
Secondly, On the plugins page, The plugins metadata is checked (ie. If the
plugin contains no metadata, then its deactivated), Checking the contents
of the files on every load would be too slow - No, Seriously, Getting
plugin meta data is a really expensive task.. no-one in their right mind
would read it every pageload
So.. Your suggestion to combat all of this is:
* Check that the plugin filename ends in .php
* make a function that users can call in their theme to read the metadata
and validate the plugins..
(sorry if i've missed something)
--
Ticket URL: <http://core.trac.wordpress.org/ticket/9164#comment:1>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list