[wp-trac] [WordPress Trac] #10931: Verify Comment Email Addresses of Registered Users

WordPress Trac noreply at wordpress.org
Thu Feb 27 17:49:19 UTC 2020

#10931: Verify Comment Email Addresses of Registered Users
 Reporter:  mtdewvirus               |       Owner:  (none)
     Type:  enhancement              |      Status:  assigned
 Priority:  normal                   |   Milestone:  Future Release
Component:  Comments                 |     Version:  2.8
 Severity:  normal                   |  Resolution:
 Keywords:  has-patch needs-refresh  |     Focuses:

Comment (by bookdude13):

 Renewing interest in this. The main issues still to handle appear to be:
 - How to deal with expired nonces in cached pages
 - How to handle comments by anonymous or logged-out users (are they
 treated as anonymous, or are they treated as "normal" after a successful

 For expired nonces, one of
 [https://symfony.com/doc/3.4/http_cache/form_csrf_caching.html these
 solutions] could be explored.

 For comments by logged-out users, some type of caching, queuing, or extra
 verification before the post seems to be the consensus?

Ticket URL: <https://core.trac.wordpress.org/ticket/10931#comment:48>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list