[wp-hackers] Nonce and Caching Issue
John Turner
johnnytee at gmail.com
Mon Sep 26 23:38:26 UTC 2011
yes, I questioning whether I actually need one or not. I'll check out the
mfunc. thx
--
John
On Mon, Sep 26, 2011 at 4:22 PM, Stas Suscov <stas at nerd.ro> wrote:
> Most popular caching plugins have something called mfunc tag. Check the
> docs for it.
>
> Brian Layman <wp-hackers at thecodecave.com> wrote:
>
> >On 9/26/2011 3:26 PM, John Turner wrote:
> >> I have a form that displays on the front end of the wp site. I use ajax
> to
> >> submit it back to the backend. I'm having an issue when using a caching
> >> plugin where the nonce is invalid because of the cached page being
> server
> >> has an expire nonce.
> >>
> >> Are there any best practices to get around this?
> >
> >Since you are displaying this form when no one is logged (I know this
> >because the page cache is in effect), this by definition a non-secured
> >process. I would question if you even need a nonce.
> >
> >If you do feel you need a nonce, a simple fix would be to serve the form
> >via an iframe or even via Ajax. Then the source code for the home page
> >would remain the same for each load. It would in turn call the iframe
> >source or ajax - which you would configure to be outside of the caching
> >mechanisms.
> >
> >--
> >Brian Layman
> >
> >_______________________________________________
> >wp-hackers mailing list
> >wp-hackers at lists.automattic.com
> >http://lists.automattic.com/mailman/listinfo/wp-hackers
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
--
John Turner
More information about the wp-hackers
mailing list