[wp-trac] [WordPress Trac] #10975: comment form nonce
WordPress Trac
noreply at wordpress.org
Thu Feb 27 17:33:32 UTC 2020
#10975: comment form nonce
-------------------------+-----------------------------
Reporter: tellyworth | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Future Release
Component: Comments | Version:
Severity: normal | Resolution:
Keywords: needs-patch | Focuses:
-------------------------+-----------------------------
Comment (by bookdude13):
I'd like to renew interest in this as well. CSRF on the comment form might
not be a complete solution, but I'd argue that it's better than no
protection at all. As mentioned by @tellyworth it would stop some passive
or drive-by attacks/spam. A more robust solution could be discussed and
implemented in #10931.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/10975#comment:25>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list