[wp-trac] [WordPress Trac] #28523: wp_send_json to allow for JSONP
WordPress Trac
noreply at wordpress.org
Fri Jun 13 00:25:19 UTC 2014
#28523: wp_send_json to allow for JSONP
-------------------------+------------------------------
Reporter: sc0ttkclark | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 3.5
Severity: normal | Resolution:
Keywords: | Focuses:
-------------------------+------------------------------
Comment (by sc0ttkclark):
Replying to [comment:7 georgestephanis]:
> For reference, proof of concept that automatically allowing JSONP would
turn into an exploitable data leakage --
https://gist.github.com/georgestephanis/c8bdd3079b0cfba85067 (mentioned it
to Scott on Twitter)
My earlier reply applies to that, I also replied on the gist directly too.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/28523#comment:9>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list