[wp-trac] [WordPress Trac] #10360: $_REQUEST's slashes may differ from $_GET/$_POST (was: $_REQUEST's slashes may differ from $_GEt/$_POSt)
WordPress Trac
wp-trac at lists.automattic.com
Fri Jul 10 11:21:10 UTC 2009
#10360: $_REQUEST's slashes may differ from $_GET/$_POST
--------------------------+-------------------------------------------------
Reporter: dd32 | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: 2.8.2
Component: Security | Version: 2.9
Severity: normal | Keywords: needs-patch dev-feedback
--------------------------+-------------------------------------------------
Comment(by dd32):
Except its hardly Legacy, And is used more often in WP every version.
Generally only or comparison of action args. Its rarely used for data
which may include slashes, infact, pretty much unheard of.
there was a recent changeset which forces $_REQUEST to be $_GET + $_POST,
so it removes most of the usual PHP-arguements against using $_REQUEST.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10360#comment:7>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list