[wp-trac] Re: [WordPress Trac] #2800: wp_nonce_field() could pass
along HTTP_REFERER info
WordPress Trac
wp-trac at lists.automattic.com
Thu Jun 8 10:05:07 GMT 2006
#2800: wp_nonce_field() could pass along HTTP_REFERER info
----------------------------+-----------------------------------------------
Id: 2800 | Status: new
Component: Administration | Modified: Thu Jun 8 10:05:07 2006
Severity: enhancement | Milestone: 2.1
Priority: normal | Version: 2.1
Owner: anonymous | Reporter: markjaquith
----------------------------+-----------------------------------------------
Comment (by westi):
I like this.
We need to make {{{check_admin_referer}}} unset the value in the _POST
array if the nonce check fails as we cannot trust the information then.
--
Ticket URL: <http://trac.wordpress.org/ticket/2800>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list