[wp-trac] Re: [WordPress Trac] #5272: WordPress allows anonymous
user to see slug for private post by guessing post number
WordPress Trac
wp-trac at lists.automattic.com
Wed Nov 7 11:02:28 GMT 2007
#5272: WordPress allows anonymous user to see slug for private post by guessing
post number
-----------------------------------------------------+----------------------
Reporter: tzafrir | Owner: pishmishy
Type: defect | Status: assigned
Priority: normal | Milestone: 2.4
Component: General | Version: 2.3.1
Severity: major | Resolution:
Keywords: has-patch canonical redirection private |
-----------------------------------------------------+----------------------
Changes (by pishmishy):
* keywords: needs-patch => has-patch canonical redirection private
Comment:
Fix is to add an additional condition to be satisfied before canonical
redirection can take place.
Not entirely happy with my patch but it does fix the problem. Someone more
familiar with query.php can probably come up with an is_private()
function. is_empty works just as well though.
--
Ticket URL: <http://trac.wordpress.org/ticket/5272#comment:4>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list