WordPress.org

Make WordPress Core

Opened 3 years ago

Closed 3 years ago

#18819 closed enhancement (duplicate)

CDNs May Expose Personally Identifiable Information

Reported by: WhiteJV Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: General Keywords: has-patch
Focuses: Cc:

Description

When a visitor makes a comment on a post, WordPress sets a cookie with the filled in information. Then, when the visitor returns or navigates to another post, that cookie is used to fill in the comment form with the previously used values. Because this is delivered to the browser as flat HTML, content delivery networks will cache this information and expose personally identifiable information until the TTL expires.

Attachments (5)

wp-comments-post.php (3.9 KB) - added by WhiteJV 3 years ago.
Patched wp-comments-post.php
wp-comments-post.diff (1.5 KB) - added by WhiteJV 3 years ago.
DIFF of wp-coments-posts.php
comment.php (65.0 KB) - added by WhiteJV 3 years ago.
Patched wp-includes/wp-comment.php
comment.diff (1.3 KB) - added by WhiteJV 3 years ago.
DIFF of wp-includes/wp-comment.php
block-commenter-cookies.diff (2.8 KB) - added by WhiteJV 3 years ago.
Overall Patch DIFF

Download all attachments as: .zip

Change History (11)

@WhiteJV3 years ago

Patched wp-comments-post.php

@WhiteJV3 years ago

DIFF of wp-coments-posts.php

comment:1 @nacin3 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

@WhiteJV3 years ago

Patched wp-includes/wp-comment.php

@WhiteJV3 years ago

DIFF of wp-includes/wp-comment.php

@WhiteJV3 years ago

Overall Patch DIFF

comment:2 @WhiteJV3 years ago

  • Resolution duplicate deleted
  • Status changed from closed to reopened

comment:3 @WhiteJV3 years ago

The fix proposed in #16612 will not work. There are numerous CDNs that ignore headers that come from the origin. The CDN I use is one such case.

Version 0, edited 3 years ago by WhiteJV (next)

comment:4 @SergeyBiryukov3 years ago

Probably a duplicate of #17976.

comment:5 @WhiteJV3 years ago

The patch suggested by SergeyBiryukov in #17976 appears to be mostly satisfactory. Asking for clarification in the other ticket.

comment:6 @dd323 years ago

  • Resolution set to duplicate
  • Status changed from reopened to closed

#16612

That's the most obvious solution, If a CDN ignores the no-cache or vary:cookies headers however, there's not much WordPress can do.. aside from #17976 to allow the complete removal of said cookies.

Closing as a duplicate of either one of those tickets, depending on which solution is required for your server environment.

Note: See TracTickets for help on using tickets.