WordPress.org

Make WordPress Core

Changes between Version 4 and Version 5 of Ticket #28722, comment 27


Ignore:
Timestamp:
04/10/2016 02:20:18 PM (5 years ago)
Author:
RedSand
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #28722, comment 27

    v4 v5  
    2929So while this may not seem like a big thing in and of itself...look at it like this: If we make some small changes like this throughout WordPress core - not revealing version numbers - and it can help prevent ''some'' of WordPress' users from being hacked, why wouldn't we want to do it? :)
    3030
    31 It would be easy to use a kind of salted hash or other random stored key for the Etags instead, and not use the WordPress version number. It would be easy enough to have it change when the WordPress version gets updated, so the same goal would be accomplished. Etags aren't supposed to contain identifiable information anyway...they are supposed to be a static random value that can be used for comparison to tell when somethign changes.
     31It would be easy to use a kind of salted hash or other random stored key for the Etags instead, and not use the WordPress version number. It would be easy enough to have it change when the WordPress version gets updated, so the same goal would be accomplished. Etags aren't supposed to contain identifiable information anyway...they are supposed to be a static random value that can be used for comparison to tell when something changes.
    3232
    3333