[wp-trac] [WordPress Trac] #42036: Add same-origin referrer-policy header to WP Admin pages
WordPress Trac
noreply at wordpress.org
Fri Sep 29 21:16:46 UTC 2017
#42036: Add same-origin referrer-policy header to WP Admin pages
-------------------------+--------------------------
Reporter: joostdevalk | Owner: joostdevalk
Type: enhancement | Status: assigned
Priority: normal | Milestone: 4.9
Component: Security | Version:
Severity: normal | Resolution:
Keywords: has-patch | Focuses:
-------------------------+--------------------------
Comment (by joostdevalk):
As far as I know, and I'd love to be proven wrong: there's nothing we
could do. The default is already set to `true` as the second parameter for
`header` in the patch, thereby it tries to replace other headers of the
same name, resulting from code.
Other than that, the fact that people have and will add headers to output
is not something WordPress core can account for...
--
Ticket URL: <https://core.trac.wordpress.org/ticket/42036#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list