GetSimple Support Forum

GetSimple Support Forum > GetSimple > Developer Discussions > nonce functions
Full Version: nonce functions
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Carlos

2012-10-04, 20:52:06
Most (if not all) plugins that have a backend do not make use of GS get_nonce, check_nonce... functions.
Should they?
Does this make GS+plugins less safe?

shawn_a

2012-10-04, 21:29:09
I think it would be harder to target a csrf attack on a plugin.
You really have to know your victim has a high probability of having it installed
GetSimple Support Forum > GetSimple > Developer Discussions > nonce functions