[wp-trac] [WordPress Trac] #50023: Facilitating the transparent editing of user comments by providing sane core defaults (was: major core flaw in comments system found today 28 April 2020 16:00 GMT +3)
WordPress Trac
noreply at wordpress.org
Tue Apr 28 17:08:02 UTC 2020
#50023: Facilitating the transparent editing of user comments by providing sane
core defaults
----------------------------------+------------------------------
Reporter: marciancarutasu | Owner: (none)
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: Awaiting Review
Component: Comments | Version: 5.4
Severity: major | Resolution:
Keywords: needs-privacy-review | Focuses: privacy
----------------------------------+------------------------------
Changes (by carike):
* keywords: => needs-privacy-review
* status: closed => reopened
* version: => 5.4
* resolution: worksforme =>
Comment:
Hallo :)
While I fully agree that a site administrator can simply edit the MySQL
database (and while I would not class this as a "security" issue):
I have not seen any valid reason that
1. "Edited by {{username}} on {{date time}}" is **not the sane default**,
2. or why the site administrator should not be provided with a field to
add the reason for editing a comment,
3. or why comment revisions should not be visible on WordPress by default.
Any or all measures above would go some way to providing a good faith
effort to respect the agency of users to the millions of WordPress
installations on the web.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/50023#comment:16>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list