[wp-trac] [WordPress Trac] #53943: Consider removing user's info in body class for page author
WordPress Trac
noreply at wordpress.org
Wed Aug 18 19:19:17 UTC 2021
#53943: Consider removing user's info in body class for page author
-------------------------+-------------------------
Reporter: jmlapam | Owner: (none)
Type: enhancement | Status: closed
Priority: normal | Milestone:
Component: Themes | Version:
Severity: normal | Resolution: maybelater
Keywords: | Focuses:
-------------------------+-------------------------
Changes (by desrosj):
* keywords: 2nd-opinion =>
* resolution: => maybelater
* status: new => closed
* component: Users => Themes
* milestone: Awaiting Review =>
Comment:
I agree with @audrasjb that this is not something that should be changed.
The WordPress project also does not consider usernames or user IDs to be
private or secure information. This is outlined in the
[https://make.wordpress.org/core/handbookWordPress Core Handbook] on the
[https://make.wordpress.org/core/handbook/testing/reporting-security-
vulnerabilities/#why-are-disclosures-of-usernames-or-user-ids-not-a
-security-issue Reporting Security Vulnerabilities page]. As presented
with the information available, the pros of removing this class do not
outweigh the cons.
This issue should also become less and less common as more and more block-
based themes are created.
I'm going to close this out as a `maybelater`. If more information
presents itself to strengthen the case to remove this class, it can be
reconsidered.
Related tickets: #3708, #4290, #5301, #12129.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/53943#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list