Account Options

  1. Sign in
The old Google Groups will be going away soon.
Switch to the new Google Groups.
Google Groups Home
« Groups Home
wp-hackers
Home
+ new post
About this group
Join this group
Message from discussion Plugin update & security / privacy - Data sent
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Moritz 'Morty' Strübe  
View profile  
 More options Sep 23 2007, 10:29 am
From: Moritz 'Morty' Strübe <mo...@gmx.net>
Date: Sun, 23 Sep 2007 15:29:29 +0100
Local: Sun, Sep 23 2007 10:29 am
Subject: Re: [wp-hackers] Plugin update & security / privacy - Data sent
Print | View thread | Show original | Report this message | Find messages by this author
Omry, although I do agree with you, I'm not sure whether you understand
the situation. We are not discussing what we - in this case they, as I
am not a core-dev and I think neither are you - should do or what is the
best way to solve this problem. The code is there and tested. The
release is Monday, tomorrow. There will be _no_ changes is the way it
works. The only thing that might happen, is that the URL get's wrapped
in a md5 or better not transmitted at all.
Cheers
Morty

Omry Yadan schrieb:

> Sounds good to me.

> maybe we should only send plugin file, version and name.

> also, in the spirit of my original proposal:

> 1. this should not be bundled with the new version check.

> 2. users should explicitly agree to send info before WP sends anything.

> Moritz 'Morty' Strübe wrote:

>> To get some facts out added some debugging output.
>> Notice that there are 11k of data transmitted. Also of course your
>> Wordpress version and your url (which I already encapsulated in a md5).
>> IMHO a list of plugin names and a answer with the current version
>> numbers is enough data to be transmitted.

>> The request:

>> POST /plugins/update-check/1.0/ HTTP/1.0
>> Host: api.wordpress.org
>> Content-Type: application/x-www-form-urlencoded; charset=UTF-8
>> Content-Length: 11000
>> User-Agent: WordPress/2.3-RC1; 4b028de5098db7fb05c6d6dd264de215

>> And the data:

>> data:object(stdClass)(2) {
>>   ["plugins"]=>
>>   array(15) {
>>     ["akismet/akismet.php"]=>
>>     array(5) {

[...]

_______________________________________________
wp-hackers mailing list
wp-hack...@lists.automattic.com
http://lists.automattic.com/mailman/listinfo/wp-hackers


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2012 Google