[wp-trac] [WordPress Trac] #24447: Avoid loosing data after nonces expire
WordPress Trac
noreply at wordpress.org
Wed May 29 07:55:36 UTC 2013
#24447: Avoid loosing data after nonces expire
----------------------------+-----------------
Reporter: azaozz | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 3.6
Component: Administration | Version:
Severity: normal | Keywords:
----------------------------+-----------------
Happens when an admin page containing a form is left open for more than 24
hours and the user decides to submit the form. This is quite rare for most
admin pages as the users typically spend short time there. However this
can happen on the Edit Post screen too despite that we refresh the basic
nonces every `wp_nonce_tick` (12 hours):
- The user starts new post.
- At some point the Internet connection is lost.
- The user decides to finish later and puts the computer to sleep (closes
the laptop, etc.).
- The user decides to continue writing more than 24 hours after that.
At this point all nonces have expired and cannot be updated as we've
missed the previous nonce_tick update.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/24447>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list