[wp-trac] Re: [WordPress Trac] #2678: Nonces instead of referers
WordPress Trac
wp-trac at lists.automattic.com
Thu Apr 27 06:17:59 GMT 2006
#2678: Nonces instead of referers
----------------------------+-----------------------------------------------
Id: 2678 | Status: new
Component: Administration | Modified: Thu Apr 27 06:17:59 2006
Severity: normal | Milestone:
Priority: normal | Version: 2.1
Owner: anonymous | Reporter: ringmaster
----------------------------+-----------------------------------------------
Comment (by markjaquith):
If you can only control the 43200 number, you're stuck with accepting a
range of X to 2X. How about making the code so that if can decrement $i a
specified number of times, as well as being able to set the 43200 number?
That way, you could decrease the denominator, but increase the number of
decrementats, so you could set up a nonce that expires in 30 to 31 minutes
(denominator of 60, 30 decrements). Obviously this would make it slower,
but it'd be nice to give people the option. I'm fine with the default
12-24 as the standard.
--
Ticket URL: <http://trac.wordpress.org/ticket/2678>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list