[wp-trac] [WordPress Trac] #37569: REST API: refresh expired nonces
WordPress Trac
noreply at wordpress.org
Thu Aug 4 10:27:54 UTC 2016
#37569: REST API: refresh expired nonces
--------------------------+-----------------------------
Reporter: iseulde | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version: 4.4
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
'''Is there a reason to not refresh an expired nonce?'''
At the moment the API only refreshes nonces when it's given an unexpired
nonce, so that the client can refresh it for future requests. When the
nonce expired though, it will just error. The only thing a client can do
then is to refresh the page, or get a new nonce some other way. Since a
simple authenticated request is enough to get a new nonce elsewhere, I
don't see why the API itself can't provide the client with a new one, so
that the client can refresh its nonce, and repeat the request with the new
nonce.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/37569>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list