[wp-trac] [WordPress Trac] #44094: Hook for WP_User data hydration to enable strong data security
WordPress Trac
noreply at wordpress.org
Tue Aug 27 18:30:21 UTC 2019
#44094: Hook for WP_User data hydration to enable strong data security
-----------------------------------+------------------------------
Reporter: yguez | Owner: SergeyBiryukov
Type: enhancement | Status: reviewing
Priority: normal | Milestone: Awaiting Review
Component: Users | Version:
Severity: normal | Resolution:
Keywords: has-patch 2nd-opinion | Focuses:
-----------------------------------+------------------------------
Changes (by johnbillion):
* keywords: has-patch => has-patch 2nd-opinion
* milestone: 5.3 => Awaiting Review
Comment:
This change looks fine but I think the WordPress project needs to consider
a unified approach to filtering the hydration of all object types, not
just `WP_User`.
Does this pattern make sense to apply to posts, comments, and terms too?
If so, this should be tackled in a holistic manner.
Does this introduce the ability for a `WP_User` object to contain
completely the wrong data compared to what's expected? If so, the
implications need consideration.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44094#comment:14>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list