[wp-trac] [WordPress Trac] #44161: Expired session tokens need to be removed from database because GDPR
WordPress Trac
noreply at wordpress.org
Sun May 20 15:12:32 UTC 2018
#44161: Expired session tokens need to be removed from database because GDPR
-------------------------+-----------------------------
Reporter: mechter | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Privacy | Version: 4.9.6
Severity: normal | Keywords: needs-patch
Focuses: |
-------------------------+-----------------------------
WordPress stores the IP address (which is considered personal information)
as part of its session tokens in the usermeta table. When the session
expires, GDPR would seem to require the IP address to be removed from the
database, as there is no longer a reason to keep it.
There should be some kind of garbage collection that removes expired
session tokens on a daily basis.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44161>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list