[wp-trac] [WordPress Trac] #11941: Security Issues in class Snoopy within trunk
WordPress Trac
wp-trac at lists.automattic.com
Sun Mar 28 04:23:08 UTC 2010
#11941: Security Issues in class Snoopy within trunk
--------------------------+-------------------------------------------------
Reporter: hakre | Owner: ryan
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Security | Version: 3.0
Severity: normal | Resolution: wontfix
Keywords: |
--------------------------+-------------------------------------------------
Changes (by dd32):
* status: new => closed
* resolution: => wontfix
* milestone: 3.0 =>
Comment:
Snoopy will be staying for backcompat for a little bit longer.
Snoopy should not be responsible for any XSS/filtering, its designed to
return the raw content of a URL, the same as WP_HTTP is. Data from all
external sources should be filtered properly by the functions using it.
Snoopy is no longer used by WordPress at all, Magpie which used it has a
WP_HTTP -> Snoopy-style-result compat function.
Closing as worksforme due to the above reasons. If you wish to have a
ticket for removal of snoopy, please open one for Future Release without
Security-conotations for the removal.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11941#comment:1>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list