[wp-trac] Re: [WordPress Trac] #7157: Disable APP and XMLRPC publishing by default

WordPress Trac wp-trac at lists.automattic.com
Thu Jun 26 22:18:28 GMT 2008

#7157: Disable APP and XMLRPC publishing by default
 Reporter:  westi        |        Owner:  westi
     Type:  enhancement  |       Status:  new  
 Priority:  high         |    Milestone:  2.6  
Component:  Security     |      Version:  2.6  
 Severity:  normal       |   Resolution:       
 Keywords:  has-patch    |  
Comment (by josephscott):

 New patches:

  * Provide helpful error message when XML-RPC is not enabled.  Now done as
 part of the authentication check.
  * Provide helpful error message when AtomPub is not enabled.
  * Enable XML-RPC and AtomPub when doing upgrades.
  * Remove check box for enabling XML-RPC & AtomPub during install.

 The only XML-RPC functions that don't attempt to authenticate users are:

  * demo.sayHello
  * demo.addTwoNumbers
  * mt.supportedMethods (which seems pretty useless in light of
  * mt.supportedTextFilters
  * mt.getTrackbackPings
  * pingback.ping
  * pingback.extensions.getPingbacks

 Turned XML-RPC and AtomPub back on for upgrades to reduce the amount of
 surprised existing users will have.

Ticket URL: <http://trac.wordpress.org/ticket/7157#comment:18>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list