[wp-trac] [WordPress Trac] #43545: Helper functions: Anonymizing data in a standardized way

WordPress Trac noreply at wordpress.org
Wed Apr 11 23:35:55 UTC 2018 

#43545: Helper functions: Anonymizing data in a standardized way
--------------------------------+---------------------
 Reporter:  dejliglama          |       Owner:  (none)
     Type:  enhancement         |      Status:  new
 Priority:  normal              |   Milestone:  5.0
Component:  Options, Meta APIs  |     Version:  trunk
 Severity:  normal              |  Resolution:
 Keywords:  needs-patch gdpr    |     Focuses:
--------------------------------+---------------------

Comment (by iandunn):

 [attachment:43545.4.diff] looks pretty good to me. I made a few minor
 changes in [attachment:43545.5.diff]:

 === `src`:

 * Move `$ip_prefix` from `get_unsafe_client_ip()`
 `wp_privacy_anonymize_ip()` to preserve the default value (although the
 `NULL` would probably get converted to `''` anyway).
 * Minor cleanup (trailing spaces, full stops, etc).

 === `tests`:

 * Moved the tests from
 `Test_WP_Community_Events::test_get_unsafe_client_ip_anonymization()` to
 `Tests_Functions_Anonymization`, so that they remain attached to the
 function they're testing.
 * Refactored `Test_WP_Community_Events::test_get_unsafe_client_ip()` to
 only test the functionality left in `get_unsafe_client_ip()`.
 * Swapped function params in unit test calls to
 `wp_privacy_anonymize_ip()`, so that the tests pass.

 ----

 It might be worth noting that the Events Widget doesn't strictly need
 `$ipv6_fallback` mode, if using the un-anonymized IP is going to cause
 GDPR issues. If only anonymized IPs were sent to api.wordpress.org, then a
 small subset of users -- those running PHP `< 5.3` on Windows -- would
 lose the functionality that automatically displays events based on
 geolocating the IP address. Instead, they'd have to manually enter their
 location.

 Automatically detecting the location and showing local events is one of
 key features of the Events Widget, because the demographic it primarily
 targets are those users who aren't already aware of the WP community, and
 are therefore less likely to put in the effort to explore the dashboard
 widget and manually fetch the events. Having said that, though, removing
 that functionality could be an acceptable compromise.

 If we do keep `$ipv6_fallback` mode, then we should probably add some
 tests for it.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/43545#comment:31>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list