XSS attack prevention changes in 2.7.1 | WordPress.org

caemusic
(@caemusic)

15 years, 2 months ago

I’ve highly customized my php files, so I’d rather not upgrade.. I just want to add the filter enhancements to help prevent XSS attacks so I’m going to do it manually.

After looking at the diff logs I want to make sure I’m doing it right. I’m assuming red means deleted and green means added? All three patches made changes to formatting.php so it’s sort of confusing.

Are the fixes mentioned on this page the only changes in 2.7.1 that help prevent hacks?

http://core.trac.wordpress.org/ticket/8767

Thanks

Viewing 1 replies (of 1 total)

Moderator Samuel Wood (Otto)
(@otto42)

WordPress.org Admin

15 years, 2 months ago

The changes made are rather extensive, I would not recommend attempting to implement them yourself.

Upgrade. If you have customized files, then consider abstracting your customizations into plugins or non-core files.

Viewing 1 replies (of 1 total)

The topic ‘XSS attack prevention changes in 2.7.1’ is closed to new replies.

Tags

In: Plugins
1 reply
2 participants
Last reply from: Samuel Wood (Otto)
Last activity: 15 years, 2 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics