[wp-trac] [WordPress Trac] #10337: Easier embeds for 2.9 (oEmbed perhaps?)
WordPress Trac
wp-trac at lists.automattic.com
Thu Dec 17 13:19:04 UTC 2009
#10337: Easier embeds for 2.9 (oEmbed perhaps?)
-------------------------------------+--------------------------------------
Reporter: ryan | Owner: Viper007Bond
Type: task (blessed) | Status: closed
Priority: normal | Milestone: 2.9
Component: Shortcodes | Version:
Severity: normal | Resolution: fixed
Keywords: has-patch needs-testing |
-------------------------------------+--------------------------------------
Comment(by Viper007Bond):
Replying to [comment:71 Otto42]:
> I'm very disappointed that the team decided to cripple this otherwise
extremely cool functionality.
We're saving people from themselves. It's not "crippled" as you call it,
it's just limited to a whitelist so the novice user doesn't screw
themselves over.
If a user happened to paste the URL to something on my blog on it's own
line and unhyperlinked, I could easily make that URL turn into a bit of
code that'd steal their login cookies without them ever knowing. Then I'd
have full access to their blog.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10337#comment:74>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list