[wp-trac] [WordPress Trac] #31294: Customizer no longer gracefully handles session expiration
WordPress Trac
noreply at wordpress.org
Mon Apr 6 15:09:24 UTC 2015
#31294: Customizer no longer gracefully handles session expiration
------------------------------+-------------------------
Reporter: westonruter | Owner: ocean90
Type: defect (bug) | Status: closed
Priority: normal | Milestone: 4.2
Component: Customize | Version: 4.0
Severity: major | Resolution: fixed
Keywords: has-patch commit | Focuses: javascript
------------------------------+-------------------------
Changes (by ocean90):
* status: reviewing => closed
* resolution: => fixed
Comment:
In [changeset:"32054"]:
{{{
#!CommitTicketReference repository="" revision="32054"
Customizer: Refresh nonces when a session expires and the user logs in
again.
This was broken since 4.0 and the introduction of user session tokens. The
nonces are now tied to session tokens as opposed to user IDs, and thus
they change with each re-login.
Custom nonces can be added through the `customize_refresh_nonces` filter.
On a successful refresh request the JavaScript API will trigger a `nonce-
refresh` event. See widget's update nonce as an example.
props westonruter for initial patch.
fixes #31294.
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/31294#comment:12>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list