[wp-trac] [WordPress Trac] #15327: Strip down admin-ajax.php to be a bare bones ajax handler.
WordPress Trac
wp-trac at lists.automattic.com
Mon Jan 23 08:58:32 UTC 2012
#15327: Strip down admin-ajax.php to be a bare bones ajax handler.
------------------------------------------------+------------------------
Reporter: westi | Owner: kurtpayne
Type: enhancement | Status: accepted
Priority: normal | Milestone: 3.4
Component: Administration | Version: 3.1
Severity: normal | Resolution:
Keywords: westi-likes has-patch dev-feedback |
------------------------------------------------+------------------------
Comment (by dd32):
> If we do that it would let plugins remove and/or replace default core
AJAX handlers which is not desirable.
I still question why this is even a problem. Plugins can already destroy
the experience by removing or altering plenty of other things, Adding
"safe guards" to prevent authors from doing something stupid here isn't
something we generally do.
We can make it harder by adding the actions within admin-ajax.php without
a action between the add actions and do action, with some specific
comments of "do not do this.. we warn you" for removing them, but doing
much past that feels like we don't trust Plugins and are doing things
differently to avoid a few bad apples in the entire farm.
arguably, being able to hook in before/after code ajax handlers run is a
-good- thing, and yes, some plugins could break ajax entirely by replacing
the handler with something that has a bug - but if they're in the position
that they want to do that, they'll already be doing it (either through
php, or through overriding the javascript functions that do the ajax
request)
--
Ticket URL: <http://core.trac.wordpress.org/ticket/15327#comment:20>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list