[wp-trac] [WordPress Trac] #45113: Integrate compatibility related functions for the new editor
WordPress Trac
noreply at wordpress.org
Thu Nov 22 18:18:48 UTC 2018
#45113: Integrate compatibility related functions for the new editor
-------------------------------------+-----------------------
Reporter: desrosj | Owner: pento
Type: task (blessed) | Status: assigned
Priority: normal | Milestone: 5.0
Component: General | Version:
Severity: normal | Resolution:
Keywords: has-patch needs-testing | Focuses:
-------------------------------------+-----------------------
Comment (by adamsilverstein):
testing the media modal in GB, i see nonces used in media for the
following actions.
''Once my nonces expired these actions all failed.'' Worth testing if
these failures also occur in the classic editor, i'm not sure if they were
ever being refreshed.
* updating captions ('save-attachment' action, pulls from `nonces`)
* uploading an image, i see a nonce used for the upload-attachment action,
thats in _wpPluploadSettings and added here: https://github.com/WordPress
/wordpress-develop/blob/b2374bf1ad30fa572d40cbe466388563f6fe2b70/src/wp-
admin/includes/media.php#L1995
* clicking the delete image link in the modal fires the `delete-post`
action, also pulls from 'nonces'
Although we should ensure all nonces are refreshed I don't think this is a
blocker for merging - only a very small percentage of users will leave
their browser window open on the editor for long enough for normal nonces
to expire, and these extra nonces already are not refreshed, so the
classic editor similarly will fail to perform media actions, eg this isn't
a regression.
Next: testing again with refreshing in place to see if any of these are
currently being refreshed.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/45113#comment:19>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list