[wp-hackers] Security at Wordpress
Brian Layman
Brian at TheCodeCave.com
Mon Apr 24 20:18:34 GMT 2006
David Chait
>Is it allowed to require a AYS (i.e. POST-ed form) to validate the
approval?
You're mixing apples and oranges. AYS does not mean "post" and posts
doesn't fix everything.
Owen's submitted a good fix for all of this that includes AYS prompts but
not switching over to posting.
The discussion at this point is largely academic.
Switching over to posting would mean rewriting a lot more code and require a
lot more testing and would delay any release.
That's good enough reason not to do it right now, IMHO.
_______________________________________________
Brian Layman
www.TheCodeCave.com
More information about the wp-hackers
mailing list