[wp-trac] [WordPress Trac] #43308: Alter behavior load-scripts.php and load-styles.php to reduce potentially adverse scenarios

WordPress Trac noreply at wordpress.org
Mon Mar 5 22:26:19 UTC 2018


#43308: Alter behavior load-scripts.php and load-styles.php to reduce potentially
adverse scenarios
---------------------------+--------------------
 Reporter:  youngcp        |       Owner:
     Type:  enhancement    |      Status:  new
 Priority:  normal         |   Milestone:  5.0
Component:  Script Loader  |     Version:  4.9.4
 Severity:  normal         |  Resolution:
 Keywords:  has-patch      |     Focuses:
---------------------------+--------------------

Comment (by azaozz):

 Did some testing and seems the worst part is compressing all the scripts.
 Removing compression from PHP (see 43308.patch) seems to prevent misuse.

 Also see the discussion on #12009 for possibly switching to HTTP/2 +
 `defer`, retiring load-scripts.php and outputting individual script tags.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/43308#comment:16>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list