Andrew Nacin

Well, placing an API (even a rudimentary one) in front of fragmented and legacy systems is also a great way to decouple yourself from the pain of those legacy systems....

I wholeheartedly agree with @konklone on this one.

From an email sent by @nealpoole: > Do you have a proposed fix for the "object injection" issue? My initial thought is that the buttonImageURL parameter is working exactly as...

@nealpoole: Yep. Here is the rest of the thread: - http://openwall.com/lists/oss-security/2013/07/18/11 - http://openwall.com/lists/oss-security/2013/07/18/12 - http://openwall.com/lists/oss-security/2013/07/18/13 This issue therefore is CVE-2013-4144. 4145 and 4146 will be merged into CVE-2012-3414.

Yeah, this is definitely something I want for developer.wordpress.org, but whether it is actually included as part of the parser itself is not a big issue. I think it'd actually...