[wp-trac] [WordPress Trac] #53784: Limiting user enumeration through the REST API

WordPress Trac noreply at wordpress.org
Wed Sep 8 13:04:57 UTC 2021


#53784: Limiting user enumeration through the REST API
-------------------------------------------------+-------------------------
 Reporter:  ehtis                                |       Owner:  (none)
     Type:  defect (bug)                         |      Status:  assigned
 Priority:  normal                               |   Milestone:  Future
                                                 |  Release
Component:  REST API                             |     Version:
 Severity:  normal                               |  Resolution:
 Keywords:  has-patch has-unit-tests has-        |     Focuses:  rest-api,
  screenshots                                    |  privacy
-------------------------------------------------+-------------------------

Comment (by fictiont):

 Replying to [comment:6 audrasjb]:
 > Thank for working on this @fictiont !
 > The PR looks good to me, I'm only wondering if the long comment above
 the change is really needed.
 > I'd prefer to add a hook to filter `$allowed_columns` and to use it to
 document properly the default behavior.

 Thank you @audrasjb for the suggestion! I agree that would be a better
 approach. However, I'm not sure I could make an update to the patch before
 the meeting.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/53784#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list