[theme-reviewers] wp-themes: SWIFT - 5.29

Joseph Scott joseph at automattic.com
Tue Jun 22 22:54:05 UTC 2010

Injecting 3rd party code into the wp-admin area isn't a good idea.  By
definition users must be logged in to be there, making it a sensitive spot.

This issue is doubly important for themes, as there's nothing about a theme
that would indicate to a user that this sort of thing is happening.  Plugins
have an advantage in this area because plugins by their very nature have
specific tasks, so activating one implies that the user has an idea of what
it is going to do.  Usually activating a theme means the front end of the
site changes to a new look and feel.

On Thu, Jun 17, 2010 at 11:57 AM, SATISH GANDHAM
<satish_g2009 at yahoo.co.in>wrote:

> I included twitter widget and facebook fan page, they are well known and
> safe sites. Those two scripts shouldn't create any security issues.
> This is the only means of promotion I have for my theme. As it's a free
> theme there is no affiliate revenue, so nobody would write about my theme,
> all my hard work is shadowed by the premium themes.
> I don't think having those two widgets will be a problem for the users, I
> wouldn't have done that if it creates problems.
> Should I remove those two widgets or is there any alternate.
> I don't have any problem removing them, It's your software and I have to
> play by your rules.

Joseph Scott
joseph at josephscott.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/mailman/private/theme-reviewers/attachments/20100622/f82b138b/attachment.htm>

More information about the theme-reviewers mailing list