[wp-trac] [WordPress Trac] #10931: Verify Comment Email Addresses of Registered Users
WordPress Trac
wp-trac at lists.automattic.com
Wed Jun 9 17:57:59 UTC 2010
#10931: Verify Comment Email Addresses of Registered Users
----------------------------+-----------------------------------------------
Reporter: mtdewvirus | Owner:
Type: task (blessed) | Status: assigned
Priority: normal | Milestone: 3.1
Component: Comments | Version: 2.8.4
Severity: normal | Keywords: needs-patch
----------------------------+-----------------------------------------------
Comment(by mdawaffe):
This solution is incomplete. If we're going to prevent impersonation, we
need to implement CSRF protection for all logged in commentors. The patch
on #13791 does this. The proposed code there is hook based, so it's all
configurable/extendable. It's also more complicated.
If we go with this method, we'll need to pull in the CSRF stuff from
#13791.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10931#comment:23>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list