[wp-trac] [WordPress Trac] #35662: Include a refreshed nonce when responding to an authenticated REST API response

WordPress Trac noreply at wordpress.org
Sun Jun 26 14:26:34 UTC 2016


#35662: Include a refreshed nonce when responding to an authenticated REST API
response
------------------------------------+-----------------------------
 Reporter:  adamsilverstein         |       Owner:  rmccue
     Type:  enhancement             |      Status:  reviewing
 Priority:  normal                  |   Milestone:  Future Release
Component:  REST API                |     Version:  4.4
 Severity:  normal                  |  Resolution:
 Keywords:  has-patch dev-feedback  |     Focuses:
------------------------------------+-----------------------------

Comment (by markjaquith):

 Replying to [comment:18 rmccue]:
 > I believe @aidvu was working on an updated patch that moves this to
 `rest_cookie_check_errors` instead, which is a nicer place for it to live.

 No opinion here.

 > Would it be worth introducing a `wp_create_outdated_nonce()` or
 something? Seems like a very niche use case, and only really useful in the
 unit tests.

 Seems very niche. If we do that, maybe just make it available as a tests
 helper function — not in core.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/35662#comment:19>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list