[wp-meta] [Making WordPress.org] #5747: Block plugins using invalid `Update URI` headers
Making WordPress.org
noreply at wordpress.org
Fri Apr 1 01:42:54 UTC 2022
#5747: Block plugins using invalid `Update URI` headers
------------------------------+-----------------------
Reporter: dd32 | Owner: dd32
Type: task (blessed) | Status: accepted
Priority: high | Milestone:
Component: Plugin Directory | Resolution:
Keywords: needs-patch |
------------------------------+-----------------------
Comment (by dd32):
> The header formats which should be supported for hosted plugins should
be either:
> * https://wordpress.org/plugins/$slug/
> * w.org/plugins/$slug
> * Not set
Just a note on this, If a WordPress.org plugin includes that header, it's
actually useful for api.wordpress.org/plugins/update-check/ as it gets to
skip a bunch of plugin-matching code and go straight to "Oh good, this
plugin is XYZ" without having to do something like "The slug looks like
XYZ.. the author is different.. the plugin name is XYZ.. it's probably
XYZ".
Blocking it entirely is possible, and requested in #6238 which I'm not
against.
--
Ticket URL: <https://meta.trac.wordpress.org/ticket/5747#comment:8>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org
More information about the wp-meta
mailing list