[wp-trac] [WordPress Trac] #52406: Extend the validity period of the comment moderation hash
WordPress Trac
noreply at wordpress.org
Sun Jan 31 14:20:21 UTC 2021
#52406: Extend the validity period of the comment moderation hash
---------------------------+--------------------------------------
Reporter: johnbillion | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: 5.7
Component: Comments | Version: trunk
Severity: normal | Keywords: needs-patch dev-feedback
Focuses: accessibility |
---------------------------+--------------------------------------
When a visitor submits a comment and it gets held for moderation, a
`moderation-hash` query variable is added to the redirect URL so the
moderated comment can be seen by the visitor. This was introduced in
[47887] for #49956.
The moderation hash is valid for any length of time but it's only
respected for one minute ([https://github.com/WordPress/wordpress-
develop/blob/e978de5a8d208450295647db6e1363f42491b2d7/src/wp-
includes/comment.php#L1935-L1942 ref], [https://github.com/WordPress
/wordpress-develop/blob/e978de5a8d208450295647db6e1363f42491b2d7/src/wp-
includes/class-wp.php#L407-L411 ref]).
Since [50109] commenters can opt-in to receiving an email notification
when their moderated comment gets approved, and this feature uses the same
moderation hash.
The problem is that the one minute window also applies to submitting the
notification opt-in form and reloading the page a second time. If you're
on a slow connection, you're using assistive technology, or you're a slow
reader or slow decision maker, you can easily take longer than 60 seconds
to submit this form.
I propose extending the time that the moderation hash is respected to ten
minutes. Any objections?
cc @whyisjake @peterwilsoncc @jonkolbert @ayeshrajans @imath
--
Ticket URL: <https://core.trac.wordpress.org/ticket/52406>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list