[wp-trac] [WordPress Trac] #14682: Privacy leakage: gravatars leak identity information
WordPress Trac
noreply at wordpress.org
Wed Jun 20 17:38:10 UTC 2018
#14682: Privacy leakage: gravatars leak identity information
--------------------------+------------------------------
Reporter: jmdh | Owner: (none)
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: Awaiting Review
Component: Comments | Version: 3.0
Severity: normal | Resolution:
Keywords: | Focuses:
--------------------------+------------------------------
Comment (by pputzer):
A sample implementation of a possible solution to the privacy issues is
available in the form of [https://wordpress.org/plugins/avatar-privacy/
Avatar Privacy]. The plugin uses a salted hash (SHA256) as the on-site
identifier and caches the gravatars locally (it also does some other
things that do not directly apply to this issue, such as adding a
Gravatar.com consent checkbox to the comment form).
--
Ticket URL: <https://core.trac.wordpress.org/ticket/14682#comment:37>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list