WordPress.org

Make WordPress Core

Opened 16 months ago

Last modified 16 months ago

#37709 new enhancement

Referrer on wp-cron API POST requests

Reported by: bucktothebang Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: Cron API Keywords: needs-patch
Focuses: Cc:

Description

Please consider adding a referrer to wp-cron API POST requests.

Reason being is that 100% of malicious POST requests do not use a referrer. 99.9999% of valid POST requests of course use a referrer. The only one being wp-cron api that does not.

Yes, easy enough to alter a rule set to allow wp-cron to POST, or setup a manual cron. But I see no reason why a referrer cannot be added.

Thanks.

Change History (2)

#1 @swissspidy
16 months ago

  • Summary changed from Refferer on wp-cron API POST requests to Referrer on wp-cron API POST requests

#2 @swissspidy
16 months ago

  • Keywords needs-patch added
  • Version trunk deleted

Happy to look into this when I find some more time. A patch would make it easier to grasp.

Note: See TracTickets for help on using tickets.