[wp-trac] [WordPress Trac] #11775: in ms-edit.php, illegal_names gets updated without the slightest validation
WordPress Trac
wp-trac at lists.automattic.com
Mon Aug 13 22:30:47 UTC 2012
#11775: in ms-edit.php, illegal_names gets updated without the slightest validation
-------------------------------+---------------------
Reporter: Denis-de-Bernardy | Owner: ryan
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 3.0
Component: Security | Version: 3.0
Severity: normal | Resolution: fixed
Keywords: multisite |
-------------------------------+---------------------
Comment (by mdawaffe):
This change breaks {{{is_email_address_unsafe()}}}'s ability to handle
domains specified via regex.
Previously, you could add a banned domain like:
{{{
/^bar[.]com$/
}}}
so that email addresses from foobar.com wouldn't get blacklisted. Now,
that domain is treated as illegal input and is stripped.
Sanitizing regex is a pain. Suggested solution at #21570.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11775#comment:5>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list