I’m building a library that once integrated into a plugin, if the user using the plugin, deactivates it, before deactivation it will display a popup allowing the user to leave a feedback as to why he’s deactivating it.
Jimmy deactivates the plugin, popup appears → Jimmy adds feedback
Feedback is sent from mysite.com ( Jimmy’s site where he disabled the plugin ) to abc.com ( ABC developers site )
abc.com site will need to save the data received into a post type.
I can’t use any of the currently available authentication methods because they all require the end user ( Jimmy ) to be redirected to another page and I can’t have this when the user is trying to disable a plugin, it wouldn’t be a great experience.
I’ve created a custom endpoint and data is correctly being saved but I can’t figure out how to make it “safe/secure”, basically I would like to find a way to make sure the request is being made from that form. Is it possible ?
I would think that it would not be possible from a security point of view, and I really think it is a bad idea. I don’t want a plugin developer to know I am using his plugin, and whether it is installed, activated or deactivated unless I contact him directly regarding an issue I have with the plugin. I would hope that WordPress has safeguards against doing that sort of thing.