WordPress.org

Make WordPress Core

Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#41210 closed enhancement (invalid)

Don't show preview of links in spammed or trashed comments

Reported by: tobifjellner Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: Comments Keywords:
Focuses: Cc:

Description

In the wp-admin moderating view, when you hover over links in comments, a preview of the linked page is automatically generated and shown.

For normal comments, this is a nice feture.

But in the case of spam comments or evil comments I'm quite concerned about this, since these previews at some point might create some risk for drive-by infections, and as a minimum, may allow such comments to "phone home" and obtain my personal ip-address, should I happen to hover over any link.

And it's quite easy to hover over a link even by mistake, I try to make sure that my cursor is located on a different part of the screen before loading pages with spam comments.

Suggestion:
Don't include code for automatic preview of links in the folders spam and trash.

Somewhat related: #31299

Change History (4)

#1 @ocean90
3 years ago

  • Keywords reporter-feedback added

Hi @tobifjellner, what preview are you seeing? Can you provide a screenshot because core has no preview for links by default.

#2 @SergeyBiryukov
3 years ago

It's an Akismet feature, also mentioned in #39105.

#3 @tobifjellner
3 years ago

  • Resolution set to invalid
  • Status changed from new to closed

Great. With Akismet deactivated I definitely don't get the previews. Thanks!
Closing the ticket.

#4 @ocean90
3 years ago

  • Keywords reporter-feedback removed
  • Milestone Awaiting Review deleted
Note: See TracTickets for help on using tickets.