[wp-trac] Re: [WordPress Trac] #7157: Disable APP and XMLRPC
publishing by default
WordPress Trac
wp-trac at lists.automattic.com
Thu Jun 26 22:18:28 GMT 2008
#7157: Disable APP and XMLRPC publishing by default
-------------------------+--------------------------------------------------
Reporter: westi | Owner: westi
Type: enhancement | Status: new
Priority: high | Milestone: 2.6
Component: Security | Version: 2.6
Severity: normal | Resolution:
Keywords: has-patch |
-------------------------+--------------------------------------------------
Comment (by josephscott):
New patches:
* Provide helpful error message when XML-RPC is not enabled. Now done as
part of the authentication check.
* Provide helpful error message when AtomPub is not enabled.
* Enable XML-RPC and AtomPub when doing upgrades.
* Remove check box for enabling XML-RPC & AtomPub during install.
The only XML-RPC functions that don't attempt to authenticate users are:
* demo.sayHello
* demo.addTwoNumbers
* mt.supportedMethods (which seems pretty useless in light of
system.listMethods)
* mt.supportedTextFilters
* mt.getTrackbackPings
* pingback.ping
* pingback.extensions.getPingbacks
Turned XML-RPC and AtomPub back on for upgrades to reduce the amount of
surprised existing users will have.
--
Ticket URL: <http://trac.wordpress.org/ticket/7157#comment:18>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list