[wp-trac] [WordPress Trac] #10360: $_REQUEST's slashes may differ from $_GET/$_POST
WordPress Trac
wp-trac at lists.automattic.com
Sat Jul 11 10:07:14 UTC 2009
#10360: $_REQUEST's slashes may differ from $_GET/$_POST
--------------------------+-------------------------------------------------
Reporter: dd32 | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: 2.8.2
Component: Security | Version: 2.8
Severity: normal | Keywords: dev-feedback
--------------------------+-------------------------------------------------
Comment(by dd32):
> added a patch that slashes $_REQUEST instead
I didnt see the point in slashing the data twice, and before that block
is hit, you cant guarantee what condition the data is in those variables.
AFAIK nothing(mission critical) uses any of the request-related globals
before then anyway
> Just to remind: If it's the point to not change the way to slash request
variables, then this is true for $_REQUEST as well. This Ticket is invalid
then.
Not sure i can follow that english..
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10360#comment:22>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list