[wp-trac] [WordPress Trac] #52457: WordPress vulnerable to search-reflected webspam
WordPress Trac
noreply at wordpress.org
Tue Feb 16 00:40:36 UTC 2021
#52457: WordPress vulnerable to search-reflected webspam
--------------------------------------+-----------------------
Reporter: abagtcs | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: 5.7
Component: General | Version:
Severity: normal | Resolution:
Keywords: has-patch has-unit-tests | Focuses: template
--------------------------------------+-----------------------
Changes (by peterwilsoncc):
* keywords: has-patch needs-testing needs-unit-tests => has-patch has-
unit-tests
Comment:
In [attachment:"52457.diff"]:
* no change from pull request
* unit test to ensure noindex displays on search
* unit test to ensure noindex does not display on other pages
Revised approach looks good to me.
@jonoaldersonwp I noticed sensitive pages include a `noindex, noarchive`
directive. Is the latter required for search too?
If not, I've also tested this and think it's good for commit if
`noarchive` isn't needed.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/52457#comment:10>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list