[wp-hackers] Rethinking check_admin_referer()
John Joseph Bachir
jjb at ibiblio.org
Thu Apr 20 17:12:04 GMT 2006
On Fri, 21 Apr 2006, Sam Angove wrote:
> It's a worry if users without referrers are directed to disable the
> check, since it leaves them open to dangerous links or forms from
> anywhere around the web, not just their own admin.
>
> Using tokens also provides protection in case of an exploit using <img
> src="[evil]" /> or similar, which is of much more cause for concern than
> a malicious link. I'll be shocked if there's no-one who's enabled
> posting of images in comments.
Not to toot my own horn but... this problem is solved and implemented in
Lyceum, using a security token for every administrative action, which
results in an identical user experience to wordpress, and allows for
usage of post or get requests as desired by the programmer. Is there
anything about this solution that folks don't like?
John
----
aim/yim/msn/jabber.org: johnjosephbachir
713.494.2704
irc://irc.freenode.net/lyceum
http://lyceum.ibiblio.org/
http://blog.johnjosephbachir.org/
More information about the wp-hackers
mailing list