Make WordPress Core

Opened 10 years ago

Closed 10 years ago

#26590 closed defect (bug) (duplicate)

remove or disable Gravatar by default and add warning text

Reported by: andreasnrb's profile andreasnrb Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Security Keywords:
Focuses: Cc:


Since Gravatars can be used to identify individuals that want to be anonymous Gravatar functionality should either be removed or disabled by default. If it remains there should be a warning text to the site owner that their commentators might be identified using it. Also optin when commenting for use with gravatar should be required by default.

We cannot assume that people are aware that Gravatars can be used to identify them using their emails. This feature remaining on by default and in core essentially says that WordPress core developers don't care about their users privacy.
This is has been done and will continue to be done in the future. Latest case was with Disqus and them using Gravatar. But there is no problem with identifying people commenting on WordPress sites.

Change History (1)

#1 @SergeyBiryukov
10 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #14682.

Note: See TracTickets for help on using tickets.