[wp-trac] [WordPress Trac] #37569: REST API: refresh expired nonces
WordPress Trac
noreply at wordpress.org
Sun Oct 22 22:09:07 UTC 2017
#37569: REST API: refresh expired nonces
------------------------------------+------------------
Reporter: iseulde | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: 5.0
Component: REST API | Version: 4.4
Severity: normal | Resolution:
Keywords: dev-feedback has-patch | Focuses:
------------------------------------+------------------
Changes (by adamsilverstein):
* keywords: needs-docs dev-feedback has-patch => dev-feedback has-patch
* milestone: Future Release => 5.0
Comment:
In [attachment:37569.3.diff]
* include a fresh nonce in rest responses when the user is logged in, even
if the nonce check fails
* retry the sync when a nonce failure is detected and a new nonce is
available
My only concern here is potentially infinite recursion, if the returned
nonce continues to change, the request will be made repeatedly. This
shouldn't happen, but might be worth explicitly preventing it.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/37569#comment:28>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list