WordPress.org

Ready to get started?Download WordPress

Forums

nonce, caching and ajax oh my (3 posts)

  1. John Turner
    Member
    Posted 2 years ago #

    I'm creating a plugin and I have a form that displays on the front end of the wp site and I use ajax to submit it back to the backend. I'm having an issue when using a caching plugin where the nonce is invalid because of the cached page being server.

    Are there any best practices to get around this short of not using a nonce?

    I have search and so far have not found anything.

  2. Big Bagel
    Member
    Posted 2 years ago #

    Can any visitor use the form on the front end? I'm not an expert (so hopefully an expert corrects me if I'm wrong) but, if so, I believe the best you can do is validate/escape any input and sanitize any later output. Nonces are really only to protect users from being tricked into performing unwanted actions; if your taking information from the front end and storing it in the database I don't think nonces are necessary.

  3. John Turner
    Member
    Posted 2 years ago #

    yes, when the nonce is valid it works. Only after the nonce expire and a cached version is displayed does it break.

    I do validate and escape the request so maybe Ill skip nonce on the front end.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.