[wp-trac] [WordPress Trac] #52600: wp_nonce_ays('log-out') is confusing
WordPress Trac
noreply at wordpress.org
Mon Nov 8 18:56:30 UTC 2021
#52600: wp_nonce_ays('log-out') is confusing
------------------------------------+---------------------
Reporter: david.kryzaniak | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: 5.9
Component: Login and Registration | Version:
Severity: normal | Resolution:
Keywords: has-patch dev-feedback | Focuses:
------------------------------------+---------------------
Comment (by hellofromTonya):
The attempt to logout messaging makes sense to me. +1 improvement
What about the response code? Should an attempt to log out that lands on
that page be a 403 or 200?
Some history:
* Prior to 2.9, the response code was 500 (Internal Server Error), i.e.
the default in `wp_die()`.
* Then in #11289 [12309], the response code was changed to 403
(Forbidden).
Expired link makes sense as a 403. What about when attempting to logout
and landing on an are you sure page?
@peterwilsoncc What do you think?
Code Review notes:
* I'd suggest being intentional with the double assignment by changing
`$title = $html = sprintf(` to `$title = $html;` just below where `$html`
is assigned.
* Alignment of variable assignments
Other than that, the code itself looks good.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/52600#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list