[wp-trac] [WordPress Trac] #11015: Admin Ajax actions should pass relevant global variables
WordPress Trac
wp-trac at lists.automattic.com
Wed Dec 2 20:49:18 UTC 2009
#11015: Admin Ajax actions should pass relevant global variables
----------------------------------+-----------------------------------------
Reporter: filosofo | Owner: ryan
Type: enhancement | Status: closed
Priority: normal | Milestone:
Component: JavaScript | Version: 2.9
Severity: normal | Resolution: wontfix
Keywords: admin-ajax has-patch |
----------------------------------+-----------------------------------------
Changes (by westi):
* status: new => closed
* resolution: => wontfix
* milestone: 2.9 =>
Comment:
Strong -1
It should be obvious inside a function when you are accessing a
superglobal.
Passing $_REQUEST as a argument hides the use of the superglobal in the
function.
That makes it much easier to audit code and identify where user supplied
data is/isnt being trusted.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11015#comment:4>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list