[wp-trac] [WordPress Trac] #23273: function wp_nonce_field should randomize id attribute

WordPress Trac noreply at wordpress.org
Wed Jan 23 15:46:38 UTC 2013


#23273: function wp_nonce_field should randomize id attribute
-----------------------------+--------------------------
 Reporter:  jay_freetailed   |       Type:  defect (bug)
   Status:  new              |   Priority:  normal
Milestone:  Awaiting Review  |  Component:  General
  Version:  3.5              |   Severity:  normal
 Keywords:                   |
-----------------------------+--------------------------
 The wp_nonce_field function in wp-includes/functions.php should use a
 random seed for the id attribute of the field.  In cases where there are
 pages or posts with multiple forms, each nonce hidden field has the same
 id attribute.  This causes the w3c Markup Validation Service to site an
 error "Duplicate ID _wpnonce."

 Another solution could be to simply omit the id attribute all together.

 See code here http://core.trac.wordpress.org/browser/tags/3.5/wp-
 includes/functions.php

 The function simply uses the name of the field as the id attribute.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/23273>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list