[wp-trac] [WordPress Trac] #63188: Getting Header "REMOTE_ADDR" is user-controlled and should be properly validated before use errors into the core files.
WordPress Trac
noreply at wordpress.org
Fri Mar 28 22:19:47 UTC 2025
#63188: Getting Header "REMOTE_ADDR" is user-controlled and should be properly
validated before use errors into the core files.
-------------------------------------------------+-------------------------
Reporter: viralsampat | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting
| Review
Component: General | Version:
Severity: normal | Resolution:
Keywords: needs-testing 2nd-opinion changes- | Focuses: coding-
requested | standards
-------------------------------------------------+-------------------------
Comment (by siliconforks):
I was under the impression that `filter_input()` and other `filter_*`
functions are not allowed to be used in core WordPress (because they are
not guaranteed to be available)?
https://github.com/WordPress/wordpress-
develop/blob/6d0f1857f092c5bc891cb3fdd1b356118bd00a67/src/wp-
includes/functions.php#L7312
https://www.php.net/manual/en/filter.installation.php
--
Ticket URL: <https://core.trac.wordpress.org/ticket/63188#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list