[wp-trac] Re: [WordPress Trac] #3188: Shouldn't use deprecated
functions start_wp
WordPress Trac
wp-trac at lists.automattic.com
Thu Nov 30 09:08:42 GMT 2006
#3188: Shouldn't use deprecated functions start_wp
-------------------------+--------------------------------------------------
Reporter: foolswisdom | Owner: westi
Type: defect | Status: reopened
Priority: normal | Milestone: 2.1
Component: General | Version: 2.1
Severity: normal | Resolution:
Keywords: has-patch |
-------------------------+--------------------------------------------------
Comment (by westi):
Replying to [comment:8 matt]:
> Wouldn't this allow someone to put export in the query string on
someone's blog or RSS feed and grab the whole thing?
Well post_type is a private query var
(http://trac.wordpress.org/browser/trunk/wp-includes/classes.php#L6).
I'm not entirely sure how that affects where or not it is allowed in the
url without spending more time reading the code.
However it probably should.
--
Ticket URL: <http://trac.wordpress.org/ticket/3188#comment:9>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list