[wp-trac] [WordPress Trac] #53236: Nonce lifespans are inaccurate and unintuitively affected by timezones
WordPress Trac
noreply at wordpress.org
Wed Jun 2 04:37:01 UTC 2021
#53236: Nonce lifespans are inaccurate and unintuitively affected by timezones
-------------------------------------------------+-------------------------
Reporter: lev0 | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting
| Review
Component: Date/Time | Version: 2.5
Severity: minor | Resolution:
Keywords: has-patch needs-testing needs-unit- | Focuses: docs
tests |
-------------------------------------------------+-------------------------
Comment (by lev0):
Replying to [comment:9 peterwilsoncc]:
> I can see arguments either way as to whether the defined nonce tick
should be maximum or minimum validity but as the codes been in place for
many years, it needs to remain as is.
That's fair.
> As the nonce functions are pluggable, the changes proposed in `nonce-
age-resolution.patch` could be released as a plugin but I think they're
risky to include in WordPress Core.
[https://wordpress.org/plugins/noncensible/ Done.]
--
Ticket URL: <https://core.trac.wordpress.org/ticket/53236#comment:10>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list