[wp-trac] Re: [WordPress Trac] #8552: Confirmation dialogue (when
wpnonce is missing) lacks buttons
WordPress Trac
wp-trac at lists.automattic.com
Wed Dec 10 01:25:55 GMT 2008
#8552: Confirmation dialogue (when wpnonce is missing) lacks buttons
----------------------------+-----------------------------------------------
Reporter: mastermind | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.7
Component: Administration | Version: 2.7
Severity: major | Resolution:
Keywords: |
----------------------------+-----------------------------------------------
Comment (by filosofo):
You can't have the buttons because they're vulnerable to a CSRF attack
(see here: #5838 ). Perhaps the text should be changed from "are you
sure?" to something else.
--
Ticket URL: <http://trac.wordpress.org/ticket/8552#comment:1>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list