[wp-trac] [WordPress Trac] #25174: Expand zxcvbn user_input blacklist

WordPress Trac noreply at wordpress.org
Mon Sep 16 18:01:28 UTC 2013


#25174: Expand zxcvbn user_input blacklist
-------------------------+--------------------
 Reporter:  iandunn      |       Owner:
     Type:  enhancement  |      Status:  new
 Priority:  normal       |   Milestone:  3.7
Component:  Security     |     Version:  trunk
 Severity:  normal       |  Resolution:
 Keywords:  has-patch    |
-------------------------+--------------------

Comment (by nacin):

 I think we could do this entirely via JS, by building an array using not
 only the current value of the inputs, but also the original value of them,
 using defaultValue.

 Then all we'd need to worry about is passing the current user's
 information to JS. No security concerns there.

 home URL and site title are fine, but I would probably ignore admin_email.

 Let's try to clean up a lot of the todo's here.

--
Ticket URL: <http://core.trac.wordpress.org/ticket/25174#comment:5>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list