[wp-trac] [WordPress Trac] #46595: Allow more than one valid recovery mode link
WordPress Trac
noreply at wordpress.org
Mon Apr 1 15:46:58 UTC 2019
#46595: Allow more than one valid recovery mode link
------------------------------------+--------------------------------
Reporter: flixos90 | Owner: timothyblynjacobs
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: 5.2
Component: Bootstrap/Load | Version: trunk
Severity: normal | Resolution:
Keywords: needs-patch servehappy | Focuses:
------------------------------------+--------------------------------
Comment (by flixos90):
@TimothyBlynJacobs I'm not sure I agree. We also use variable names
containing the session ID for paused extensions, and I think the cleanup
you're suggesting ''would'' be sufficient for a core implementation. I
don't like the associative array option much because it would cause less
efficient queries and processing - but if there are more arguments for it
to be the better alternative, I'm not greatly opposed either.
We should furthermore make the key a real nonce in the way that it should
only be valid once. After validating a key, it should be deleted from the
database. This also takes care of the cleanup mentioned above.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/46595#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list