[wp-trac] [WordPress Trac] #61960: Heartbeat API: consider changing the min allowed time
WordPress Trac
noreply at wordpress.org
Wed Sep 4 22:23:19 UTC 2024
#61960: Heartbeat API: consider changing the min allowed time
----------------------------+--------------------------
Reporter: annezazu | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 6.7
Component: Administration | Version:
Severity: normal | Resolution:
Keywords: | Focuses: performance
----------------------------+--------------------------
Comment (by peterwilsoncc):
The authentication cookie is set to expire 12 hours after the login
session expires (which is stored in the cookie itself), see
[https://core.trac.wordpress.org/browser/tags/6.6.1/src/wp-
includes/pluggable.php?marks=984-988#L944 source code].
This gives the heartbeat API plenty of time to prompt a user to log in
when the session expires before the cookie expires.
I know there have been issues in the past with nonces expiring while posts
are open in a background tab as browsers pause JavaScript execution. I
don't know that allowing for faster refreshes of the heartbeat will solve
that issue as they too rely on JavaScript.
However...
Increasing the cookie retention period to 24 hours may help partly resolve
this. Typically there are 16 hours between someone wrapping up for one day
and starting the next. If the session expires shortly after logging off,
then the 12 hour grace period will expire before they return to their
browser.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/61960#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list