[wp-trac] Re: [WordPress Trac] #7677: WordPress should implement
HttpOnly Cookies to slow down XSS
WordPress Trac
wp-trac at lists.automattic.com
Wed Sep 3 18:05:18 GMT 2008
#7677: WordPress should implement HttpOnly Cookies to slow down XSS
----------------------------------------------+-----------------------------
Reporter: _ck_ | Owner: anonymous
Type: defect | Status: new
Priority: high | Milestone: 2.7
Component: Security | Version:
Severity: major | Resolution:
Keywords: cookies needs-patch dev-reviewed |
----------------------------------------------+-----------------------------
Comment (by ryan):
The patch to make it work for < 5.2 is kinda ghetto. Since this is a
defense-in-depth security addition and not essential, I think requiring
5.2 is okay, especially since those concerned with security will be moving
to PHP 5 now that PHP 4 is eol.
--
Ticket URL: <http://trac.wordpress.org/ticket/7677#comment:9>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list