[wp-trac] [WordPress Trac] #10360: $_REQUEST's slashes may differ from $_GET/$_POST
WordPress Trac
wp-trac at lists.automattic.com
Sun Jul 26 12:00:39 UTC 2009
#10360: $_REQUEST's slashes may differ from $_GET/$_POST
--------------------------+-------------------------------------------------
Reporter: dd32 | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: 2.8.3
Component: Security | Version: 2.8
Severity: normal | Keywords: has-patch commit
--------------------------+-------------------------------------------------
Comment(by hakre):
+1 for removing slashes from _POST and _GET sothat - as dd32 makes bold -
_POST and _GET can be replaced anytime with _REQUEST. Plus the point that
"we all agree that relying upon slashed data in superglobals is bad." (is
the wordpress maintainer part of that "we" or not?)
The currrent patch does not reflect that, it just merges (slashes) _POST &
_GET into _REQUEST and not the other way round (dd32 wrote about replacing
_POST resp. _GET with _REQUEST and not the other way round).
So I see no has-patch nor commit readyness.
How can we get a valid statement from the maintainer on this issue?
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10360#comment:29>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list