[wp-trac] [WordPress Trac] #44141: Privacy: Don't replace comment author URL and email with anything
WordPress Trac
noreply at wordpress.org
Tue Jul 17 08:36:09 UTC 2018
#44141: Privacy: Don't replace comment author URL and email with anything
-------------------------------------------------+-------------------------
Reporter: johnbillion | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 4.9.8
Component: Comments | Version: 4.9.6
Severity: normal | Resolution:
Keywords: has-patch has-unit-tests needs- | Focuses: privacy
testing needs-refresh |
-------------------------------------------------+-------------------------
Comment (by azaozz):
> Add a _wp_anonymized comment meta value of true when a comment is
successfully anonymized.
Why more data? We are trying to get rid of it :)
If this really needs to be logged, it should go somewhere else: a proper
logging system perhaps, although that would mostly defeat the purpose (as
it would be possible to trace anonymized data back to a particular user
from a particular "anonymization event").
Looking at 44141.diff and 44141.2.diff, `wp_privacy_anonymize_data()`
shouldn't be changed. It's not meant just for comments, it should "Return
uniform anonymous data by type" (see the inline docs) :) The empty strings
should be in the `wp_comments_personal_data_eraser()` as these strings are
optional for comments but may not be optional in other places.
I understand the concerns about having invalid URLs in the DB, but the
whole point of these privacy efforts is to get the users to "look before
they click", i.e. be a bit more concerned with their own privacy.
Following an URL that has `.invalid` domain is pretty clear imho :)
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44141#comment:14>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list