Prevent sending wpdGetNonce requests on every page load

  • Resolved Burhan Nasir

    (@burhandodhy)


    2 months, 3 weeks ago

    Based on the code, the Ajax request should not be sent if the wpdiscuz_nonce_{hash} cookie is already set. However, since the cookie is set as Secure, JavaScript cannot access it. As a result, Cookies.get('wpdiscuz_nonce_' + wpdiscuzCookiehash) always returns undefined, causing the plugin to send the Ajax request on every page load.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Thread Starter Burhan Nasir

    (@burhandodhy)

    2 months, 3 weeks ago

    Hi Team,

    Based on the code, the Ajax request should not be sent if the wpdiscuz_nonce_{hash} cookie is already set. However, since the cookie is set as Secure, JavaScript cannot access it. As a result, Cookies.get('wpdiscuz_nonce_' + wpdiscuzCookiehash) always returns undefined, causing the plugin to send the Ajax request on every page load.

    One possible workaround would be to use the wpdiscuz_validate_nonce_for_guests filter, but I don’t want to implement this because it would disable nonce validation for non-logged-in users, which could lead to other security issues.

    Plugin Support gVectors Support

    (@gvectorssupport)

    2 months, 3 weeks ago

    Hi,

    I’ve already forwarded this topic to our developers. I’ll update the topic once I receive a response from them.

    Plugin Support gVectors Support

    (@gvectorssupport)

    2 months, 2 weeks ago

    We’ll fix this in the next update.

    Thread Starter Burhan Nasir

    (@burhandodhy)

    2 months, 2 weeks ago

    That’s great news. Thank you so much.Can you let me know when the next update will be? ETA?

    Plugin Support gVectors Support

    (@gvectorssupport)

    2 months, 2 weeks ago

    I’ll update this topic once it’s ready.

Viewing 5 replies - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.