[wp-trac] [WordPress Trac] #14682: Privacy leakage: gravatars leak identity information

WordPress Trac noreply at wordpress.org
Wed Jun 20 17:38:10 UTC 2018


#14682: Privacy leakage: gravatars leak identity information
--------------------------+------------------------------
 Reporter:  jmdh          |       Owner:  (none)
     Type:  defect (bug)  |      Status:  reopened
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Comments      |     Version:  3.0
 Severity:  normal        |  Resolution:
 Keywords:                |     Focuses:
--------------------------+------------------------------

Comment (by pputzer):

 A sample implementation of a possible solution to the privacy issues is
 available in the form of [https://wordpress.org/plugins/avatar-privacy/
 Avatar Privacy]. The plugin uses a salted hash (SHA256) as the on-site
 identifier and caches the gravatars locally (it also does some other
 things that do not directly apply to this issue, such as adding a
 Gravatar.com consent checkbox to the comment form).

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/14682#comment:37>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list