[wp-trac] [WordPress Trac] #44204: Privacy export codebase in 4.9.6 doesn't use WP Filesystem API

WordPress Trac noreply at wordpress.org
Wed May 23 13:01:28 UTC 2018


#44204: Privacy export codebase in 4.9.6 doesn't use WP Filesystem API
-------------------------------------+-----------------------------
 Reporter:  diablodale               |      Owner:  (none)
     Type:  defect (bug)             |     Status:  new
 Priority:  normal                   |  Milestone:  Awaiting Review
Component:  Privacy                  |    Version:  4.9.6
 Severity:  normal                   |   Keywords:
  Focuses:  administration, privacy  |
-------------------------------------+-----------------------------
 The codebase added in WP 4.9.6 for privacy was written with low-level file
 APIs like fopen(), file_exists(), fwrite(), etc. rather than the WP
 Filesystem API. Quick to see in
 wp_privacy_generate_personal_data_export_file(). This restricts core parts
 of the privacy management functionality to only operate on hosts with
 direct access to the local filesystem.

 It is recommended to instead use the WP Filesystem API so that more secure
 hosts are supported and a broader set of filesystems can be used, e.g.
 SSH, FTPext, FTPsocket, etc. https://codex.wordpress.org/Filesystem_API

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/44204>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list