Nonces and WordPress

by Rudd-O published 2006/06/02 18:24:37 GMT+0, last modified 2013-06-26T03:24:28+00:00

What is all this Nonce-sense? - Asymptomatic gives a quick introduction to nonces.

Nonces alone sound very stupid to me. Instead of implementing nonces alone, what the WP team should have been doing all along is obvious: every action that is not idempotent (deleting a post, say) should be done through POST, because a GET can be fired by nothing more than a link or an image tag on a page the admin happens to visit. Technically, it's quite simple. Programmatically, POSTs are a bit more work than GETs. But surely coding GETs + nonces must be much harder than simply coding POSTs.

No one is disputing that nonces are useful. They are. But in the bigger picture, they exist to keep WP admins from being tricked into performing actions they never intended (cross-site request forgery), and that is exactly why POSTs should be used as well. Sure, POSTs alone don't buy us a whole lot of security, since a hostile page can still auto-submit a hidden form; but they do buy us some, because the trivial link-and-image-tag attacks stop working.
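As an added illustration (not WordPress's own code and not part of the original post): a Python model of a tick-based nonce in the style WordPress uses, combined with a POST-only check in a hypothetical delete_post handler. The secret, the handler name, the request dicts and the use of HMAC-SHA256 truncated to 12 hex characters are assumptions constructed for this example; WordPress itself truncates a keyed MD5 to 10 characters.

```python
import hashlib
import hmac
import time

# Assumed server-side secret, standing in for WordPress's NONCE_KEY/NONCE_SALT.
# Constructed for this example; a real deployment uses a long random value.
SECRET = b"example-only-secret-not-for-production"
NONCE_LIFE = 24 * 60 * 60  # a nonce is good for at most one day
HALF_LIFE = NONCE_LIFE // 2


def _tick(now):
    """Coarse time bucket, ceil(now / HALF_LIFE); the nonce changes every half-life."""
    return -(-now // HALF_LIFE)


def _digest(tick, action, user_id):
    """HMAC over tick|action|user, truncated to 12 hex chars to keep URLs short.
    (Assumption for this example: SHA-256 instead of WordPress's keyed MD5.)"""
    msg = f"{tick}|{action}|{user_id}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()[-12:]


def make_nonce(action, user_id, now=None):
    """Issue a nonce bound to one action (e.g. 'delete-post_42') and one user."""
    now = int(time.time()) if now is None else now
    return _digest(_tick(now), action, user_id)


def verify_nonce(nonce, action, user_id, now=None):
    """Accept nonces from the current and the previous tick, so a nonce stays
    valid for 12 to 24 hours. The comparison is constant-time."""
    now = int(time.time()) if now is None else now
    current = _tick(now)
    for tick in (current, current - 1):
        if hmac.compare_digest(nonce, _digest(tick, action, user_id)):
            return True
    return False


def handle_delete_post(request, user_id, now=None):
    """Hypothetical admin handler; `request` is a dict with 'method' and 'params'.
    Step 1: refuse anything but POST, so a bare link or <img src=...> on a hostile
    page cannot trigger the action. Step 2: require a nonce tied to this exact
    action, which is what stops a hostile page that auto-submits a POST form."""
    if request["method"] != "POST":
        return 405, "destructive action must be sent via POST"
    params = request.get("params", {})
    post_id = params.get("post")
    nonce = params.get("_wpnonce", "")
    if not verify_nonce(nonce, f"delete-post_{post_id}", user_id, now):
        return 403, "nonce check failed"
    return 200, f"post {post_id} deleted"


if __name__ == "__main__":
    now = 1_700_000_000  # fixed clock so the run is reproducible
    admin = 1
    good = make_nonce("delete-post_42", admin, now)
    # A valid nonce sent by GET is still refused: the method check comes first.
    print(handle_delete_post({"method": "GET", "params": {"post": 42, "_wpnonce": good}}, admin, now))
    # POST without a nonce is what a CSRF form would send; refused.
    print(handle_delete_post({"method": "POST", "params": {"post": 42}}, admin, now))
    # POST with the nonce the admin page embedded: accepted.
    print(handle_delete_post({"method": "POST", "params": {"post": 42, "_wpnonce": good}}, admin, now))
    # Same nonce a day later: expired.
    print(handle_delete_post({"method": "POST", "params": {"post": 42, "_wpnonce": good}}, admin, now + NONCE_LIFE + 1))
```

The order of the two checks is the point of the post: the method check alone kills the link-and-image-tag class of tricks, and the nonce, bound to the action, the user and a time window, is what closes the auto-submitted form. Binding the nonce to the action string also means a nonce issued for deleting post 42 cannot be replayed against post 43.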

(Please don't tell me I haven't read the whole thread. The fact that nonces were introduced does not contradict one iota the fact that POSTs should be used for destructive operations, and that's it.)

Update: to visitors from the #wordpress channel: I updated the article, correcting statements of fact. I'm very glad to see that you're receptive to the POST idea. It's no surprise that it has been floated before as an issue.