WordPress.org

Make WordPress Core

Ticket #35188: 35188.diff

File 35188.diff, 1.1 KB (added by dwainm, 4 years ago)

First attempt at giving more context to the 'nonce_life' filter

  • src/wp-includes/pluggable.php

     
    17891789 *
    17901790 * @since 2.5.0
    17911791 *
     1792 * @param string $action the current action.
     1793 *
    17921794 * @return float Float value rounded up to the next highest integer.
    17931795 */
    1794 function wp_nonce_tick() {
     1796function wp_nonce_tick( $action = '' ) {
    17951797        /**
    17961798         * Filter the lifespan of nonces in seconds.
    17971799         *
     
    17981800         * @since 2.5.0
    17991801         *
    18001802         * @param int $lifespan Lifespan of nonces in seconds. Default 86,400 seconds, or one day.
     1803     * @param string $action The current nonce.
    18011804         */
    1802         $nonce_life = apply_filters( 'nonce_life', DAY_IN_SECONDS );
     1805        $nonce_life = apply_filters( 'nonce_life', DAY_IN_SECONDS, $action );
    18031806
    18041807        return ceil(time() / ( $nonce_life / 2 ));
    18051808}
     
    18401843        }
    18411844
    18421845        $token = wp_get_session_token();
    1843         $i = wp_nonce_tick();
     1846        $i = wp_nonce_tick( $action );
    18441847
    18451848        // Nonce generated 0-12 hours ago
    18461849        $expected = substr( wp_hash( $i . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10 );