security question

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Franky

    (@liedekef)

    That’s not hardcoding, that’s configuring ??
    Hardcoding would be e.g. that my App secret was in the plugin’s code.

    Thread Starter ReveDreams

    (@revedreams)

    ?? Well, all right then, but wouldn’t the point be the availability of the Secret?

    Plugin Author Franky

    (@liedekef)

    You can configure who has access to wordpress settings, that’s not the task of a plugin.
    You could argue the same thing about the mysql username and password in the wordpress configuration file.
    The Facebook api forces us to use an app id and secret, and I need to provide a way for people to enter it somewhere, a file would not be very user friendly. I don’t see any other way of doing this …

    Thread Starter ReveDreams

    (@revedreams)

    You’re right, it’s analogous to the database login. Finally got my client his own FB developer account today. Of course now I have another question for another thread. Thanks for your patience!

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘security question’ is closed to new replies.