lundi 2 mars 2015

Is wordpress comment form safe?

I have this Wordpress form for comments, it's pretty standard:



<form action="http://ift.tt/1vSrwlW" target="writeIframe" method="post" id="commentform" class="comment-form">
    <p class="comment-form-author">
        <label for="author">Your name</label>
        <input id="author" name="author" type="text" value="" size="30">
    </p>
    <p class="comment-form-comment">
        <label for="comment">Comment</label>
        <textarea id="comment" name="comment" cols="45" rows="8" aria-required="true"></textarea>
    </p>
    <p class="form-submit">
        <input name="submit" type="submit" id="submit" class="submit" value="Send">
        <input type="hidden" name="comment_post_ID" value="1" id="comment_post_ID">
        <input type="hidden" name="comment_parent" id="comment_parent" value="0">
    </p>
</form>


It sends the user input data to wp-comments-post.php inside of a hidden iframe. Is this safe out of the box Wordpress or shall I add code to prevent attacks trough my comment form?


Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)