[wp-trac] [WordPress Trac] #28523: wp_send_json to allow for JSONP

WordPress Trac noreply at wordpress.org
Fri Jun 13 00:25:19 UTC 2014


#28523: wp_send_json to allow for JSONP
-------------------------+------------------------------
 Reporter:  sc0ttkclark  |       Owner:
     Type:  enhancement  |      Status:  new
 Priority:  normal       |   Milestone:  Awaiting Review
Component:  General      |     Version:  3.5
 Severity:  normal       |  Resolution:
 Keywords:               |     Focuses:
-------------------------+------------------------------

Comment (by sc0ttkclark):

 Replying to [comment:7 georgestephanis]:
 > For reference, proof of concept that automatically allowing JSONP would
 turn into an exploitable data leakage --
 https://gist.github.com/georgestephanis/c8bdd3079b0cfba85067 (mentioned it
 to Scott on Twitter)

 My earlier reply applies to that, I also replied on the gist directly too.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/28523#comment:9>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list