[wp-hackers] SVN Revision in footer?
dougal at gunters.org
Mon Sep 15 14:41:05 GMT 2008
Dan Coulter wrote:
> Here's a tooltip version: http://junk.ssdn.us/svn-revision-tooltip.php.txt
> On Sun, Sep 14, 2008 at 1:59 PM, Alex Hempton-Smith <
> hempsworth at googlemail.com> wrote:
One suggestion: run the extracted revision number through the
attribute_escape() function. Never trust external data, even when you
*think* it can be trusted. If an unauthorized attacker found a way to
into the admin footer, otherwise.
An unlikely possibility to be sure, but you can never be too safe :)
Dougal Campbell <dougal at gunters.org>
I'm going to WordCamp Birmingham! Are you?
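
The advice above, as an added example that is not part of the original message or the plugin linked in the thread. It assumes the revision is read from line 4 of a pre-1.7 .svn/entries file; the function names and sample data are hypothetical, and htmlspecialchars() stands in for attribute_escape() when WordPress is not loaded. The digits-only check goes one step beyond the escaping suggested in the message.

```php
<?php
// Added example. Assumption: revision number sits on line 4 of .svn/entries (pre-1.7 layout).

/** Return the raw revision string from .svn/entries content, or null if absent. */
function svn_revision_from_entries( $entries ) {
    $lines = preg_split( '/\r\n|\n|\r/', $entries );
    return isset( $lines[3] ) ? trim( $lines[3] ) : null;
}

/** Escape text for an HTML attribute or text node. */
function footer_attr_escape( $text ) {
    // Inside WordPress, use the function named in the message.
    if ( function_exists( 'attribute_escape' ) ) {
        return attribute_escape( $text );
    }
    // Stand-alone fallback so this file runs outside WordPress.
    return htmlspecialchars( $text, ENT_QUOTES, 'UTF-8' );
}

/** Build the admin-footer tooltip markup from file content that is treated as untrusted. */
function svn_revision_footer( $entries ) {
    $rev = svn_revision_from_entries( $entries );
    if ( null === $rev || '' === $rev ) {
        return '';
    }
    // A genuine revision is digits only; anything else is not shown as a revision.
    $label = ctype_digit( $rev ) ? 'r' . $rev : 'unknown revision';
    // Escape at the point of output, even for the value that passed validation.
    return '<span title="' . footer_attr_escape( 'SVN revision: ' . $rev ) . '">'
        . footer_attr_escape( $label ) . '</span>';
}

// Constructed sample inputs (not taken from any real checkout).
$clean    = "9\n\ndir\n8888\nhttp://svn.example.org/trunk\n";
$tampered = "9\n\ndir\n8888\" onmouseover=\"x\nhttp://svn.example.org/trunk\n";

echo svn_revision_footer( $clean ), "\n";
echo svn_revision_footer( $tampered ), "\n";
```

With the tampered input the quote characters are emitted as entities, so the value stays inside the title attribute instead of starting a new one.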