[wp-hackers] Nonce and Caching Issue
Brian Layman
wp-hackers at thecodecave.com
Mon Sep 26 20:15:33 UTC 2011
On 9/26/2011 3:26 PM, John Turner wrote:
> I have a form that displays on the front end of the wp site. I use ajax to
> submit it back to the backend. I'm having an issue when using a caching
> plugin where the nonce is invalid because of the cached page being server
> has an expire nonce.
>
> Are there any best practices to get around this?
Since you are displaying this form when no one is logged (I know this
because the page cache is in effect), this by definition a non-secured
process. I would question if you even need a nonce.
If you do feel you need a nonce, a simple fix would be to serve the form
via an iframe or even via Ajax. Then the source code for the home page
would remain the same for each load. It would in turn call the iframe
source or ajax - which you would configure to be outside of the caching
mechanisms.
--
Brian Layman
More information about the wp-hackers
mailing list