Dougal Campbell's geek ramblings

WordPress, web development, and world domination.

Good Breakdown of Recent WordPress Vulnerability

The Sucuri Blog has a good dissection of the recent critical WordPress REST API vulnerability. I won't rehash the details here, but I did want to point out that this is why developers should remember to follow these two rules of defensive programming:

  1. Sanitize inputs as early as possible
  2. Sanitize outputs as late as possible

In this case, there was a failure to follow the first rule. There are a couple of different places where this could have been handled better. ...


wkhtmltopdf

wkhtmltopdf and wkhtmltoimage are open source (LGPLv3) command line tools to render HTML into PDF and various image formats using the Qt WebKit rendering engine. These run entirely "headless" and do not require a display or display service.
