[wp-trac] [WordPress Trac] #10360: $_REQUEST's slashes may differ from $_GET/$_POST
WordPress Trac
wp-trac at lists.automattic.com
Sun Jul 26 18:18:00 UTC 2009
#10360: $_REQUEST's slashes may differ from $_GET/$_POST
--------------------------+-------------------------------------------------
Reporter: dd32 | Owner: ryan
Type: defect (bug) | Status: new
Priority: normal | Milestone: 2.8.3
Component: Security | Version: 2.8
Severity: normal | Keywords: has-patch commit
--------------------------+-------------------------------------------------
Comment(by hakre):
("'Quote' on Quote") Simple fact is, WordPress uses/expects the $_REQUEST
data not to be slashed. If you say A for _POST and _GET, then you must say
B for_REQUEST. If you argue to keep up with the status quo, then this is
an argument against changing current $_REQUEST data.
If you decide to change the current slashing of the superglobals
containing request data, then I suggest to stop slashing them to improve
the dataflow instead of repeating wrong decisions of the past.
Additionally I have only asked that you link to the other ticket you used
as argument. I know that there are a lot of tickets that are about
slashing or not slashing data so I can not exactly follow your point until
you link that certain ticket you meant. That's all. I know how to deal
with the trac search, so please do not feel offended by me asking. I
thought you have it in your browsers history or similar.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10360#comment:32>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list