Ancient "Are you sure you want to do this" now confusing

[ozh]

The default failing nonce message did not pass the wife test. Asking "Are you sure you want to do this?" now that there is no longer "OK" and "Cancel" buttons is confusing and my wife just asked me "How do I tell I'm sure?"

Not sure about the best wording, I took the same approach as Twitter's expired OAuth token links with a message that does not let user think there is something to confirm.

+1.

+1 to fix, the old message was misleading.

The "Link has expired" message is better than "Are you sure" but IMHO still quite vague for the average user. Perhaps it can be "This action has failed" as suggested in http://core.trac.wordpress.org/ticket/8552#comment:3.

Also it doesn't offer an action for the user to continue. As far as I can see nearly all legitimate nonce errors are caused by expired user login. Perhaps we can add a link to [site]/wp-admin (needs to be audited) or even go further and check if the user is logged in when generating the "nonce failed" message and show alternate explanation:

User logged in: "This action has failed. [Back to WordPress admin]
Login expired: "Your login has expired. Please [log in] again.

"That Request has expired and is not valid any longer. Please go back and start over."

If a login expires, isn't the user redirected to the login form already? "Reauth"

Related: #14060

Related: #18218

As azaozz said, the wording in the current patch isn't too much of an improvement. It can be shown when submitting a form, for instance.

I don't think we need to provide any link. The Back button should be good enough.