[wp-trac] [WordPress Trac] #7546: Secret key generator wrongly
escapes double-quote
WordPress Trac
wp-trac at lists.automattic.com
Tue Aug 19 10:40:17 GMT 2008
#7546: Secret key generator wrongly escapes double-quote
---------------------------+------------------------------------------------
Reporter: thenlich | Owner: matt
Type: defect | Status: new
Priority: normal | Milestone:
Component: WordPress.org | Version:
Severity: normal | Keywords:
---------------------------+------------------------------------------------
The generator at http://api.wordpress.org/secret-key/1.1/ escapes the
double-quote character with a backslash, e.g.
define('AUTH_KEY', '... x&m\"\'0RJ ...}');
...
Since only the single-quote and backslash can be escaped that way in a
single-quoted string, the backslash will be included verbally in the
string.
This will reduce randomness by a small amount and will make the string
longer than 64 characters.
--
Ticket URL: <http://trac.wordpress.org/ticket/7546>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list