#49902 closed enhancement (fixed)
Wrong description for blacklist feature on discussion settings page (missing user agent)
Reported by: |
|
Owned by: |
|
---|---|---|---|
Milestone: | 5.5 | Priority: | normal |
Severity: | normal | Version: | 1.5 |
Component: | Comments | Keywords: | needs-patch needs-copy-review |
Focuses: | Cc: |
Description
The discussion settings page has a textarea to set up a blocklist with this description:
When a comment contains any of these words in its content, name, URL, email, or IP address, it will be put in the Trash.
But if I look at the code the user agent is used too in wp_blacklist_check
I was wondering if this is made intentionally, because the user agent is easily spoofed.
Should we remove the user agent completely from wp_blacklist_check
or should we change the wording to add the user agent, too?
Change History (7)
#2
in reply to:
↑ 1
@
5 years ago
Replying to SergeyBiryukov:
Would this wording be clear enough?
Thanks for the fast reply! Yes, I think so.
I can prepare a patch for this change.
This ticket was mentioned in PR #223 on WordPress/wordpress-develop by Zodiac1978.
5 years ago
#3
The check_comment function and the wp_blacklist_check are also using the user agent string which is not mentioned in the copy text.
This patch adds this info.
Trac ticket: https://core.trac.wordpress.org/ticket/49902
#4
@
5 years ago
I've tried Github for the patch. Seems to be successful.
It looks like we have the same problem for the moderation list, so I added this for the moderation list too.
#5
@
5 years ago
- Owner set to SergeyBiryukov
- Resolution set to fixed
- Status changed from new to closed
In 47583:
Thanks for the ticket!
It looks like user agent check was intentionally added in [1603], so I'd suggest updating the description:
Would this wording be clear enough?