[wp-trac] Re: [WordPress Trac] #4735: OK/Cancel dialogs should have choices specific to the situation

WordPress Trac wp-trac at lists.automattic.com
Fri Aug 17 20:23:37 GMT 2007

#4735: OK/Cancel dialogs should have choices specific to the situation
 Reporter:  novasource      |        Owner:  anonymous   
     Type:  enhancement     |       Status:  new         
 Priority:  normal          |    Milestone:  2.4 (future)
Component:  Administration  |      Version:              
 Severity:  normal          |   Resolution:              
 Keywords:                  |  
Comment (by westi):

 Replying to [comment:6 foolswisdom]:
 > Are their web services that do this well already?
 > Replying to [comment:5 novasource]:
 > >
 > > 4529: not related. That is about undoing actions, and it can be
 implemented regardless of dialog used.
 > I think you are mistaken. Undo functionality would eliminate all/most of
 the AYS dialogs.

 I would be wary or replacing the nonce checks and AYS with a straight undo

 We need to ensure that a GET request from a foreign page cannot cause a
 delete (or any other action) without the user being prompted.

 If we dropped the nonce protection (and hence the AYS when nonces are not
 present) then a remote IMG tag with the src pointing at the blog admin
 would be able to delete comments for permenently logged in users - which
 is bad.

 Seeing as we have good messages for each of the core AYS functions we
 should be able to add good labels as well.

 Merging the AYS for delete/spam/moderate would be a real bonus.

Ticket URL: <http://trac.wordpress.org/ticket/4735#comment:8>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list