Context Navigation

← Previous Ticket
Next Ticket →

#1453 closed defect (fixed)

Additional nonce for Akismet actions

Reported by:	josephscott	Owned by:	matt
Priority:	normal	Component:	akismet
Severity:	normal	Keywords:
Cc:

Description

Verify actions via nonce for removing comment author url.

Attachments (2)

akismet.diff (1.9 KB) - added by josephscott 17 months ago.
akismet.2.diff (2.0 KB) - added by josephscott 17 months ago.

Download all attachments as: .zip

Change History (6)

Changed 17 months ago by josephscott

Attachment akismet.diff added

comment:1 Changed 17 months ago by westi

It's is more normal and better practice to use check_admin_referer( action, nonce_field_name ) instead of "manually" verifying the nonce, also this should be the first check that is made.

Changed 17 months ago by josephscott

Attachment akismet.2.diff added

comment:2 follow-up: ↓ 3 Changed 17 months ago by josephscott

Updated diff to use check_admin_referer instead.

comment:3 in reply to: ↑ 2 Changed 17 months ago by westi

Replying to josephscott:

Updated diff to use check_admin_referer instead.

Looks perfect

comment:4 Changed 17 months ago by josephscott

Resolution set to fixed
Status changed from new to closed

In [487730]:

Add a nonce check to the comment author URL remove feature

Fixes #1453

Note: See TracTickets for help on using tickets.

Download in other formats: