[wp-trac] [WordPress Trac] #21386: XML-RPC needs a user permission method
WordPress Trac
noreply at wordpress.org
Fri Nov 23 20:42:43 UTC 2012
#21386: XML-RPC needs a user permission method
--------------------------+-----------------------------
Reporter: markoheijnen | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Future Release
Component: XML-RPC | Version:
Severity: normal | Resolution:
Keywords: mobile |
--------------------------+-----------------------------
Comment (by nacin):
Fairly little to do with security. Rather, returning a raw array of
capabilities and roles doesn't help when it comes to actually processing
capability. No filters are run, nor would map_meta_cap() get a chance to
do its magic. Raw role names could go a long way for basic sanity checks,
which is why those almost made it in.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/21386#comment:13>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list