You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The theme file scan detects malicious patterns in comments as well, because the current implementation does not distinguish between comment lines and code lines or even mixed content.
To achieve this, the feeding routine has to be extended to detect comments correctly in a safe way, as there are many false-positive candidates that break the change (whether intentionally or by mistake)
Some primitive examples that must not be detected incorrectly:
// Single line comment containing /* multiline comment sequence...$url = 'https://www.example.com';
...
//* Single line, not multi */... still comment
The text was updated successfully, but these errors were encountered:
Originally suggested in WP support forums: https://wordpress.org/support/topic/should-not-alert-in-php-comments/
The theme file scan detects malicious patterns in comments as well, because the current implementation does not distinguish between comment lines and code lines or even mixed content.
To achieve this, the feeding routine has to be extended to detect comments correctly in a safe way, as there are many false-positive candidates that break the change (whether intentionally or by mistake)
Some primitive examples that must not be detected incorrectly:
The text was updated successfully, but these errors were encountered: