[wp-trac] [WordPress Trac] #37569: REST API: refresh expired nonces
WordPress Trac
noreply at wordpress.org
Tue Oct 17 13:36:20 UTC 2017
#37569: REST API: refresh expired nonces
-----------------------------------------------+---------------------------
Reporter: iseulde | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Future
Component: REST API | Release
Severity: normal | Version: 4.4
Keywords: needs-docs dev-feedback has-patch | Resolution:
| Focuses:
-----------------------------------------------+---------------------------
Comment (by adamsilverstein):
>create a separate endpoint for cookie auth only
@iseulde I like this idea! What would be required to get a fresh nonce?
Does offering up the nonce without requiring a previous valid nonce weaken
their value? Previous thinking was you could always keep your nonce fresh
by checking at least once every 12 hrs and returning a new nonce in the
second 'half'.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/37569#comment:25>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list