[wp-hackers] Security at Wordpress
Rob Mientjes
robmientjes at gmail.com
Mon Apr 24 20:27:08 GMT 2006
On 24/04/06, David House <dmhouse at gmail.com> wrote:
> And thus, anyone that says switching to POST is a magic bullet needs
> to rethink their views. Switching is _not_ a less complex solution, as
> it would have to be introduced on top of nonces anyway.
>
> However, I am a standards-are-good kind of guy and I would like to see
> a solution where we use POST wherever possible, with GET only as a
> fallback. Andrew K showed us that the UI hit is somewhat negligible
> (although a proper cross-browser solution is a prerequisite), so you
> have my +1 here. Basically, I don't see any advantage or disadvantage
> of either POST or GET.
I don't pretend to be a programmer or an expert on this topic. I was
merely expressing my user experiences, which I believed it was still
about in the WordPress development?
Not attacking you, just makin' sure. The users can have a voice too!
-Rob.
More information about the wp-hackers
mailing list