[wp-trac] [WordPress Trac] #35188: Pass nonce action from "nonce_life" filter
WordPress Trac
noreply at wordpress.org
Mon Dec 21 18:49:20 UTC 2015
#35188: Pass nonce action from "nonce_life" filter
--------------------------------+-----------------------------
Reporter: giuseppe.mazzapica | Owner:
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version:
Severity: normal | Keywords:
Focuses: |
--------------------------------+-----------------------------
At the moment, `nonce_life`
[https://developer.wordpress.org/reference/hooks/nonce_life/] filter pass
to callbacks only the nonce lifespan to be filtered.
There are cases in which a shorter nonce lifespan might be useful (default
lifespan is one day), and would be handy being able to recognize the
''context'' for the nonce creation.
It means that `wp_nonce_tick()`
[https://developer.wordpress.org/reference/functions/wp_nonce_tick/]
should receive the action as argument.
Providing a default (probably `-1` that is the default none action) this
change will be 100% backward compatible.
Currently the only (hackish) way to filter the lifespan only for specific
nonces is to add a filter before to call both `wp_create_nonce` and
`wp_verify_nonce` and remove the filter right after that. Two filter
additions and two filter removals that may be replaced with a single
filter addition if context would be provided by the `nonce_life` hook.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/35188>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list