[wp-hackers] Moved from BlogWare to WordPress - Need Help
mark.wordpress at txfx.net
Sat May 20 10:32:44 GMT 2006
On May 20, 2006, at 6:23 AM, Sean Hickey wrote:
> BTW: Does WP even check for referers in it's own code? I've submitted
> comments to people's blogs using telnet from my home computer.
Doesn't check refs for comment submission, but for database-changing
stuff in the admin, yeah. Up until version 2.0.2, that is. The
upcoming 2.0.3 maintenance release (and the upcoming 2.1 release) use
a "secret hash with expiration" (nonce ) method that works more
securely and more reliably than ref checks.
More information about the wp-hackers