[wp-trac] [WordPress Trac] #10931: Verify Comment Email Addresses of Registered Users
WordPress Trac
noreply at wordpress.org
Thu Feb 27 17:49:19 UTC 2020
#10931: Verify Comment Email Addresses of Registered Users
-------------------------------------+-----------------------------
Reporter: mtdewvirus | Owner: (none)
Type: enhancement | Status: assigned
Priority: normal | Milestone: Future Release
Component: Comments | Version: 2.8
Severity: normal | Resolution:
Keywords: has-patch needs-refresh | Focuses:
-------------------------------------+-----------------------------
Comment (by bookdude13):
Renewing interest in this. The main issues still to handle appear to be:
- How to deal with expired nonces in cached pages
- How to handle comments by anonymous or logged-out users (are they
treated as anonymous, or are they treated as "normal" after a successful
login?)
For expired nonces, one of
[https://symfony.com/doc/3.4/http_cache/form_csrf_caching.html these
solutions] could be explored.
For comments by logged-out users, some type of caching, queuing, or extra
verification before the post seems to be the consensus?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/10931#comment:48>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list