[wp-trac] [WordPress Trac] #21189: We should improve the nonce failure page
WordPress Trac
wp-trac at lists.automattic.com
Sun Jul 8 09:07:18 UTC 2012
#21189: We should improve the nonce failure page
----------------------------+-----------------------------
Reporter: dd32 | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Administration | Version:
Severity: normal | Keywords: ux-feedback
----------------------------+-----------------------------
Currently when a admin nonce expires, in most cases we catch this
condition using `check_admin_referer()` which presents expired nonces with
a rather ugly uninformative error message:
[[Image(http://f.cl.ly/items/26271g453h2y0K393Y1l/Screen%20Shot%202012-07-06%20at%2012.14.25%20PM.png)]]
I'd like to propose that we make this page a bit nicer to end users - who
although are unlikely to hit it (I hope) it'd be nice to let them know
what's actually happened.
My initial approach would be to change the page to
- Include a !WordPress logo, and a link back to the Admin area
- Change the message to something like "The link you've followed has now
expired, In order to complete the action you were performing, please
return to the previous page, refresh it, and attempt to follow the link
again.".
- In the case where this is happening within the !WordPress admin, it
would make sense to have some kind of UI on the page as well - This can
currently be done by not using `check_admin_referer()` and using
`wp_verify_nonce()` directly and redirecting to an error page.
The current message could often cause confusion, as of course the user
wants to do it (They just followed a link!) but as there's no continue
button, they're left confused.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/21189>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list