Make WordPress Core

Opened 2 years ago

Last modified 2 years ago

#37709 new enhancement

Referrer on wp-cron API POST requests

Reported by: bucktothebang Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: Cron API Keywords: needs-patch
Focuses: Cc:


Please consider adding a referrer to wp-cron API POST requests.

Reason being is that 100% of malicious POST requests do not use a referrer. 99.9999% of valid POST requests of course use a referrer. The only one being wp-cron api that does not.

Yes, easy enough to alter a rule set to allow wp-cron to POST, or setup a manual cron. But I see no reason why a referrer cannot be added.


Change History (2)

#1 @swissspidy
2 years ago

  • Summary changed from Refferer on wp-cron API POST requests to Referrer on wp-cron API POST requests

#2 @swissspidy
2 years ago

  • Keywords needs-patch added
  • Version trunk deleted

Happy to look into this when I find some more time. A patch would make it easier to grasp.

Note: See TracTickets for help on using tickets.