[wp-trac] [WordPress Trac] #50023: Facilitating the transparent editing of user comments by providing sane core defaults (was: major core flaw in comments system found today 28 April 2020 16:00 GMT +3)

WordPress Trac noreply at wordpress.org
Tue Apr 28 17:08:02 UTC 2020


#50023: Facilitating the transparent editing of user comments by providing sane
core defaults
----------------------------------+------------------------------
 Reporter:  marciancarutasu       |       Owner:  (none)
     Type:  defect (bug)          |      Status:  reopened
 Priority:  normal                |   Milestone:  Awaiting Review
Component:  Comments              |     Version:  5.4
 Severity:  major                 |  Resolution:
 Keywords:  needs-privacy-review  |     Focuses:  privacy
----------------------------------+------------------------------
Changes (by carike):

 * keywords:   => needs-privacy-review
 * status:  closed => reopened
 * version:   => 5.4
 * resolution:  worksforme =>


Comment:

 Hallo :)

 While I fully agree that a site administrator can simply edit the MySQL
 database (and while I would not class this as a "security" issue):

 I have not seen any valid reason that
 1. "Edited by {{username}} on {{date time}}" is **not the sane default**,
 2. or why the site administrator should not be provided with a field to
 add the reason for editing a comment,
 3. or why comment revisions should not be visible on WordPress by default.

 Any or all measures above would go some way to providing a good faith
 effort to respect the agency of users to the millions of WordPress
 installations on the web.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/50023#comment:16>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list