Make WordPress Core

Opened 13 years ago

Closed 13 years ago

#18819 closed enhancement (duplicate)

CDNs May Expose Personally Identifiable Information

Reported by: whitejv's profile WhiteJV Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: General Keywords: has-patch
Focuses: Cc:

Description

When a visitor makes a comment on a post, WordPress sets a cookie with the filled in information. Then, when the visitor returns or navigates to another post, that cookie is used to fill in the comment form with the previously used values. Because this is delivered to the browser as flat HTML, content delivery networks will cache this information and expose personally identifiable information until the TTL expires.

Attachments (5)

wp-comments-post.php (3.9 KB) - added by WhiteJV 13 years ago.
Patched wp-comments-post.php
wp-comments-post.diff (1.5 KB) - added by WhiteJV 13 years ago.
DIFF of wp-coments-posts.php
comment.php (65.0 KB) - added by WhiteJV 13 years ago.
Patched wp-includes/wp-comment.php
comment.diff (1.3 KB) - added by WhiteJV 13 years ago.
DIFF of wp-includes/wp-comment.php
block-commenter-cookies.diff (2.8 KB) - added by WhiteJV 13 years ago.
Overall Patch DIFF

Download all attachments as: .zip

Change History (11)

@WhiteJV
13 years ago

Patched wp-comments-post.php

@WhiteJV
13 years ago

DIFF of wp-coments-posts.php

#1 @nacin
13 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

@WhiteJV
13 years ago

Patched wp-includes/wp-comment.php

@WhiteJV
13 years ago

DIFF of wp-includes/wp-comment.php

@WhiteJV
13 years ago

Overall Patch DIFF

#2 @WhiteJV
13 years ago

  • Resolution duplicate deleted
  • Status changed from closed to reopened

#3 @WhiteJV
13 years ago

The fix proposed in #16612 will not work. There are numerous CDNs that ignore headers that come from the origin. The CDN I use is one such case. You must issue "no store" directives in the header to instruct the edge servers to not cache the results of the origin document.

Last edited 13 years ago by WhiteJV (previous) (diff)

#4 @SergeyBiryukov
13 years ago

Probably a duplicate of #17976.

#5 @WhiteJV
13 years ago

The patch suggested by SergeyBiryukov in #17976 appears to be mostly satisfactory. Asking for clarification in the other ticket.

#6 @dd32
13 years ago

  • Resolution set to duplicate
  • Status changed from reopened to closed

#16612

That's the most obvious solution, If a CDN ignores the no-cache or vary:cookies headers however, there's not much WordPress can do.. aside from #17976 to allow the complete removal of said cookies.

Closing as a duplicate of either one of those tickets, depending on which solution is required for your server environment.

Note: See TracTickets for help on using tickets.