[wp-trac] [WordPress Trac] #23497: Revisions Rewrite using JS/Backbone
WordPress Trac
noreply at wordpress.org
Mon Feb 18 18:20:39 UTC 2013
#23497: Revisions Rewrite using JS/Backbone
-------------------------------------------------+-------------------------
Reporter: adamsilverstein | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting
Component: Revisions | Review
Severity: normal | Version: 3.5.1
Keywords: has-patch needs-refresh dev- | Resolution:
feedback |
-------------------------------------------------+-------------------------
Comment (by duck_):
Looks good! :)
Quick review of the patch (I looked at 23497.diff from wonderboymusic):
* XSS in revisions.php: $postid should be run through absint()
* revisions.php needs some caps checks
* $action isn't used in revisions.php, but it's reset from GET/POST
* wp_reset_vars() in the ajax action isn't very nice as it relies on
globals
* Missing $suffix on when revisions.js is registered? (Plus an
unnecessary space in `array ('backbone`)
I know this is WIP, but I wanted to mention these things so they aren't
forgotten.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/23497#comment:15>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list