[wp-trac] [WordPress Trac] #38855: REST API: Turn off unauthed comment write by default

WordPress Trac noreply at wordpress.org
Mon Nov 21 05:31:09 UTC 2016


#38855: REST API: Turn off unauthed comment write by default
--------------------------------------+---------------------
 Reporter:  helen                     |       Owner:  rmccue
     Type:  task (blessed)            |      Status:  closed
 Priority:  high                      |   Milestone:  4.7
Component:  REST API                  |     Version:
 Severity:  major                     |  Resolution:  fixed
 Keywords:  has-patch has-unit-tests  |     Focuses:
--------------------------------------+---------------------
Changes (by rmccue):

 * status:  reviewing => closed
 * resolution:   => fixed


Comment:

 In [changeset:"39327"]:
 {{{
 #!CommitTicketReference repository="" revision="39327"
 REST API: Disable anonymous commenting by default.

 Adding a brand new anonymous comment method is a potential conduit for
 spam. Since it's still useful functionality, we're now hiding it behind a
 filter to allow plugins and themes to turn it on if they do want it.

 Props helen, rachelbaker, joehoyle.
 Fixes #38855.
 }}}

--
Ticket URL: <https://core.trac.wordpress.org/ticket/38855#comment:11>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list