[wp-trac] [WordPress Trac] #40081: Remove wp-admin links from all Core emails

WordPress Trac noreply at wordpress.org
Thu Mar 9 18:32:09 UTC 2017


#40081: Remove wp-admin links from all Core emails
--------------------------+------------------------------
 Reporter:  iandunn       |       Owner:
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Mail          |     Version:
 Severity:  normal        |  Resolution:
 Keywords:                |     Focuses:  administration
--------------------------+------------------------------

Comment (by iandunn):

 > The full regexp for URI_WPADMIN is ,/wp-admin/\w+/,i so it shouldn't
 match /wp-admin/comment.php?action=approve…

 Ah, that's a great catch. It doesn't look like that regex will match
 `example.org/wp-admin/` either, only URLs with a subdirectory, like
 `example.org/wp-admin/network/settings.php`. That's odd that they'd only
 try to catch network-admin emails, but :shrug:

 So, maybe the scope of this ticket should narrow to only remove network-
 admin URLs? I still think it's a bad practice to include any admin URLs,
 though, because it trains users to follow the insecure practice of
 clicking links in emails. What does everyone else think?

--
Ticket URL: <https://core.trac.wordpress.org/ticket/40081#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list