[wp-hackers] Security at Wordpress
ringmaster at midnightcircus.com
Mon Apr 24 16:02:46 GMT 2006
Ryan Scheuermann wrote:
> I mean, using a checkbox form for post delete solves a lot of the
> current issues:
> 3. no need for nonces if the delete action requires POST
Using POST does not obviate nonces or referer checks. If someone were
to create a form on a different site that POSTed the right info to the
page that deletes your posts, and then tricked you into clicking it
somehow, it would delete the posts. And we're talking about deleting
more than one post now? Yikes. Yes, it would work with just the
referer check, but then that form would only work in environments that
support the referer. That is what the nonces are for, to replace
referer checks with something more available.
> 5. adds new functionality for mass delete of posts (even if not needed)
Oops. I just accidentally deleted <s>that one post</s> *everything*.
Time to revisit this:
> 7. follows a widely accepted and user-friendly model for web applications
It also makes it very difficult to insert new per-row POST forms, if
that's something we might ever consider in the future. As unlikely as
that might be. Although, I do remember code around in one of these
tables that let you add new columns in a clever way. Might have been
the Manage Posts page.
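As an added illustration (not code from this thread or from WordPress itself), a small Python sketch of the point made above: a POST-only delete handler is still reachable from a form hosted on another site, and it is the per-user, per-action, time-limited nonce that turns such a request away. The secret, the action name and the handler shape are assumptions.

```python
import hmac
import hashlib
import time

# Constructed sample secret; a real install uses a random, per-site key kept out of source.
SECRET = b"constructed-site-secret"
TICK_SECONDS = 12 * 3600  # nonces stay valid for the current and the previous window


def _tick(now):
    return int(now // TICK_SECONDS)


def _digest(tick, action, user_id):
    msg = f"{tick}|{action}|{user_id}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[:16]


def create_nonce(action, user_id, now=None):
    """Token bound to one user and one action, valid for a limited time window."""
    now = time.time() if now is None else now
    return _digest(_tick(now), action, user_id)


def verify_nonce(nonce, action, user_id, now=None):
    """Accept the token for the current or the immediately previous window only."""
    now = time.time() if now is None else now
    for tick in (_tick(now), _tick(now) - 1):
        if hmac.compare_digest(nonce, _digest(tick, action, user_id)):
            return True
    return False


def handle_delete(request, current_user, now=None):
    """Mass-delete handler. request = {'method': ..., 'form': {...}}.

    Returns (http_status, ids_that_would_be_deleted). Requiring POST alone does not
    stop a cross-site form from submitting here; the nonce check is what does."""
    if request["method"] != "POST":
        return 405, []
    form = request["form"]
    if not verify_nonce(form.get("_nonce", ""), "delete-posts", current_user, now):
        return 403, []  # forged or stale request: nothing is deleted
    return 200, [int(i) for i in form.get("post_ids", [])]
```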