[wp-trac] Re: [WordPress Trac] #2678: Nonces instead of referers
WordPress Trac
wp-trac at lists.automattic.com
Thu May 18 00:07:28 GMT 2006
#2678: Nonces instead of referers
----------------------------+-----------------------------------------------
Id: 2678 | Status: new
Component: Administration | Modified: Thu May 18 00:07:28 2006
Severity: normal | Milestone:
Priority: normal | Version: 2.1
Owner: anonymous | Reporter: ringmaster
----------------------------+-----------------------------------------------
Comment (by mdawaffe):
Currently, category deletion from Manage->Categories and post deletion
from post.php fail the nonce check. Deleting posts is particularly
annying since the user is sent through both the JS confirmation and the
check_admin_ref confirmation.
2678-posts-cats.diff
1. Nonces for category deletion from Manage->Categories.
1. Nonces for post deletion from post.php. Uses JS to update the
_wpnonce field if the button is pressed and the JS confirmation dialog is
approved. If the user does not have JS capabilities, the nonce will fail
and they will have to go through the check_admin_ref confirmation. Either
way, the user will see one (and only one) confirmation for post deletion
now.
--
Ticket URL: <http://trac.wordpress.org/ticket/2678>
WordPress Trac <http://wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list