[wp-trac] [WordPress Trac] #39854: REST API: Add gmt_offset to base /wp-json response
WordPress Trac
noreply at wordpress.org
Mon Feb 27 00:31:11 UTC 2017
#39854: REST API: Add gmt_offset to base /wp-json response
-------------------------------------------------+-------------------------
Reporter: jnylen0 | Owner: jnylen0
Type: enhancement | Status: accepted
Priority: normal | Milestone: 4.8
Component: REST API | Version: 4.7
Severity: normal | Resolution:
Keywords: needs-unit-tests needs-refresh dev- | Focuses: rest-api
feedback needs-patch |
-------------------------------------------------+-------------------------
Changes (by rmccue):
* keywords: has-patch needs-unit-tests needs-refresh dev-feedback =>
needs-unit-tests needs-refresh dev-feedback needs-patch
Comment:
Strong -1 on `is_user_logged_in()`, we should always be checking
authorization (capabilities) not authentication (presence of user).
Why do we need to restrict this in any case? I see no potential security
or privacy issues in exposing this.
Also, if we expose `gmt_offset`, we should also expose `timezone_string`.
The former is not stable (i.e. it changes regularly in timezones with
daylight savings), and the latter is the only real one you can depend on
over time.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/39854#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list