[wp-trac] [WordPress Trac] #44817: Fix expire settings in .htaccess to fit livetime of nonces
WordPress Trac
noreply at wordpress.org
Mon Aug 20 13:29:59 UTC 2018
#44817: Fix expire settings in .htaccess to fit livetime of nonces
--------------------------+-----------------------------
Reporter: grossmann | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 4.9.8
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
Nonces have a lifetime of 12 hours but by default html is cached (e.g.
with varnish) based on the
{{{
ExpiresByType text/html "access plus 1 day"
}}}
setting in the .htaccess file. This leads to invalid nonces when the page
cache is older than 12 hours.
Setting the default value for html content to
{{{
ExpiresByType text/html "access plus 11 hours"
}}}
should fix the problem.
I experienced this issue with Caldera Forms for anonymous visitors.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44817>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list