[wp-trac] [WordPress Trac] #25840: Feature Request: WP_ACCESSIBLE_HOSTS as option
WordPress Trac
noreply at wordpress.org
Thu Nov 7 07:05:06 UTC 2013
#25840: Feature Request: WP_ACCESSIBLE_HOSTS as option
-------------------------+--------------------
Reporter: xFireFartx | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: 3.8
Component: HTTP | Version: 3.7.1
Severity: normal | Resolution:
Keywords: |
-------------------------+--------------------
Comment (by dd32):
Replying to [comment:10 rmccue]:
> Apart from the intellectual exercise, I'm not sure it really matters. If
you enable a plugin, it can already run arbitrary code, so it's hardly a
security issue.
Yeah, these constants aren't designed as a security measure (you should
have a firewall between the web server and the LAN/Web if you need to
prevent connections) and are rather more designed to prevent HTTP timeouts
to inaccessible hosts.
Looking at [attachment:25840.2.diff] we'll also need to change the code
further down that expects WP_ACCESSIBLE_HOSTS to be defined. It should
instead be changed to loop over the filters results, and if * is present,
add it to the wildcard list, etc.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/25840#comment:11>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list