[wp-trac] [WordPress Trac] #43617: Nonce invalid messages non-informative, needs changed

WordPress Trac noreply at wordpress.org
Fri Mar 23 10:34:12 UTC 2018


#43617: Nonce invalid messages non-informative, needs changed
-------------------------+-----------------------------
 Reporter:  mpol         |      Owner:
     Type:  enhancement  |     Status:  new
 Priority:  normal       |  Milestone:  Awaiting Review
Component:  General      |    Version:
 Severity:  normal       |   Keywords:
  Focuses:               |
-------------------------+-----------------------------
 As a followup to the "Cheating uh?" patch that has gone into WP 4.9.5, I
 think the message for an invalid Nonce can be improved.

 I often run into the situation where I leave a webpage open for a day,
 planning to respond with a comment or something similar. By the time I
 post something, the Nonce is invalid. I then get an empty page with "Are
 you sure you want to do that?". I think "Yes" and reload the page, only to
 have the same error. I get slightly annoyed at the UI and have to hit the
 Back-button of my browser, which needs active thinking.

 I think I am not alone in this. It is not just spammers hitting these
 messages. And I think it can be improved.

 I think it would be good to explain what happened, even if it is too
 technical. The Nonce was invalid, and that needs to be conveyed. I am just
 not sure what is a fitting message for most users while still
 informative.
 "The Nonce on the page did not validate. If you are sure you want to do
 this, please go back and try again." might be a better message.

 It could be followed by a backlink taking you back to the previous page.
 That could be based on the HTTP Referrer. If that is not available, a link
 with JavaScript with a 'history.back()' could do this job. I am not sure
 if that last option will refresh the page and thus the Nonce.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/43617>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
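
The back link proposed in the ticket, as an added example (not WordPress core code and not from the reporter): because the Referer header is client-controlled, it is used only when it is an http(s) URL on the site's own host, and it is HTML-escaped before output; otherwise the link falls back to history.back(). The function name, link label and sample values are assumptions; inside WordPress, wp_get_referer() and esc_url() cover the validation and escaping.

```php
<?php
// Added example, not WordPress core code. build_back_link() and all sample values are hypothetical.

/**
 * Build the "go back" link for a failed-nonce page.
 * $referer is the raw Referer header (client-controlled); $siteHost is the site's own host name.
 */
function build_back_link(?string $referer, string $siteHost): string
{
    $label    = 'Go back and try again';
    $fallback = '<a href="#" onclick="history.back(); return false;">' . $label . '</a>';

    // No Referer, or one containing backslashes, spaces or control characters:
    // browsers and parse_url() can disagree on such URLs, so do not trust them.
    if ($referer === null || $referer === '' || preg_match('/[\\\\\x00-\x20]/', $referer)) {
        return $fallback;
    }

    $parts = parse_url($referer);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return $fallback;
    }

    // Only http(s) URLs on our own host: rejects javascript:, data: and off-site targets.
    $scheme = strtolower($parts['scheme']);
    if (!in_array($scheme, ['http', 'https'], true)
        || strcasecmp($parts['host'], $siteHost) !== 0) {
        return $fallback;
    }

    // Escape for the HTML attribute context so quotes in the URL cannot break out of href.
    $href = htmlspecialchars($referer, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<a href="' . $href . '">' . $label . '</a>';
}

// Constructed sample Referer values: same-site, off-site, script scheme,
// userinfo trick, markup in the path, and a missing header.
$samples = [
    'https://example.test/2018/03/post/#respond',
    'https://evil.example/phish',
    'javascript:alert(1)',
    'https://example.test@evil.example/',
    'https://example.test/"><script>x</script>',
    null,
];
foreach ($samples as $sample) {
    echo build_back_link($sample, 'example.test'), PHP_EOL;
}
```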

