[wp-trac] [WordPress Trac] #7204: Theme previewer needs a nonce
WordPress Trac
wp-trac at lists.automattic.com
Sun Jun 29 02:05:57 GMT 2008
#7204: Theme previewer needs a nonce
-------------------------+--------------------------------------------------
Reporter: johnbillion | Owner: anonymous
Type: enhancement | Status: new
Priority: low | Milestone: 2.6
Component: Template | Version: 2.6
Severity: normal | Keywords: needs-patch
-------------------------+--------------------------------------------------
The new theme preview system in 2.6 should be protected by a nonce.
Outside chance that a scenario could occur where a theme is broken or in
development and a curious visitor could visit a URL such as
`www.example.com/?preview=1&template=whatever` and see database errors or
PHP errors which is never really a good thing.
--
Ticket URL: <http://trac.wordpress.org/ticket/7204>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list