Category Archives: Patched

Serialization of double values in PHP 4 and PHP 5

If you want to save space in your serialized data of floating point numbers in PHP, consider to use PHP 4. Naturally that is a joke :), I just note it down here because while taking a closer look on … Continue reading

Posted in Hacking The Core, Patched | Tagged , , , , , , , , , , , , , , , | 1 Comment

Prevent XSS on your wordpress Blog with CSP

CSP – short for Content Security Policy – is a Mozilla driven specification to reduce or eliminate a site’s XSS attack surface. In Ticket #10237 Denis De Bernardy suggested to implement the new Mozilla feature to prevent XSS. That was … Continue reading

Posted in Hacking The Core, Hakre's Tips, Patched, Plugin Plugout | Tagged , , , , , , , , , , , , , | 1 Comment

The short memory of WordPress.org security

For the wordpress project it’s said: If you find a bug, report it. That’s the same if it is security related. For those who feel – for whatever reason – uncomfortable to publicize it in trac directly, can shoot an … Continue reading

Posted in Hacking The Core, Patched, Pressed | Tagged , , , , , , , , , | 10 Comments

Relative URL HTML/ XHTML Code Smell

Another one for the HTML/ XHTML Code Smells: If you’re using realtive URLs inside your documents (which is pretty valid and can save you some bandwidth as well as it can save some hassles for mirroring a website) you should … Continue reading

Posted in Code Smells, Hakre's Tips, HTML/CSS Code Smells, Patched, Pressed | Tagged , , , , , , , , | 1 Comment

Cross-Plattform interoperability of the Test Suite

Closer to get it going: The wordpress test suite just got a patch to better support windows and some other systems. The next thing to do is to actually fix those tests that use functions which just die. Calling die() while … Continue reading

Posted in Patched | Tagged , , , , , , | 1 Comment