[wp-trac] [WordPress Trac] #16778: wordpress is leaking user/blog information during wp_version_check()
WordPress Trac
wp-trac at lists.automattic.com
Sun Jul 17 10:46:20 UTC 2011
#16778: wordpress is leaking user/blog information during wp_version_check()
----------------------------+------------------------------
Reporter: investici | Owner:
Type: enhancement | Status: reopened
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version:
Severity: minor | Resolution:
Keywords: legal |
----------------------------+------------------------------
Comment (by toscho):
Replying to [comment:20 investici]:
> whether this bug is fixed by that patch is debatable though, we'd much
prefer having the users opt-in before leaking so much information or at
least make the users/admins aware of the fact (and the reason why?) that
information not related to check for updates is sent while checking for
updates.
I agree, opt-in via `wp-admin/options-privacy.php` would be much better.
But seeing how strongly some people are against more privacy I thought my
patch could be a first compromise. Not good enough – but better than
nothing.
I would write a patch for a user controlled opt-in per backend if we find
a consensus.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/16778#comment:21>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list