[23:42:32] <Pchelolo>	 TimStarling: hey, one more archeology question, if you are around. in core commit 9b9682904 (2007) you added a fancy error message if CSRF token matches, but the suffix doesn't match. Do you think this custom error is still needed for something?
[23:51:04] <TimStarling>	 it's a bit of a hack to put client round-trip sanity checks in a CSRF token
[23:52:46] <TimStarling>	 we have wpUnicodeCheck now, the check for ASCII round trips should have just been combined with that
[23:57:20] <TimStarling>	 the custom error is probably less needed now than it was then, but it's still a nasty hack to conflate those two things, and that commit was an attempt to separate them