Ticket #45113: 45113.heartbeatnonce.2.diff
| File 45113.heartbeatnonce.2.diff, 10.1 KB (added by , 7 years ago) |
|---|
-
wp-admin/includes/admin-filters.php
if ( ! is_customize_preview() ) { 56 56 } 57 57 58 58 add_action( 'admin_print_scripts-post.php', 'wp_page_reload_on_back_button_js' ); 59 59 add_action( 'admin_print_scripts-post-new.php', 'wp_page_reload_on_back_button_js' ); 60 60 61 61 add_action( 'update_option_home', 'update_home_siteurl', 10, 2 ); 62 62 add_action( 'update_option_siteurl', 'update_home_siteurl', 10, 2 ); 63 63 add_action( 'update_option_page_on_front', 'update_home_siteurl', 10, 2 ); 64 64 add_action( 'update_option_admin_email', 'wp_site_admin_email_change_notification', 10, 3 ); 65 65 66 66 add_action( 'add_option_new_admin_email', 'update_option_new_admin_email', 10, 2 ); 67 67 add_action( 'update_option_new_admin_email', 'update_option_new_admin_email', 10, 2 ); 68 68 69 69 add_filter( 'heartbeat_received', 'wp_check_locked_posts', 10, 3 ); 70 70 add_filter( 'heartbeat_received', 'wp_refresh_post_lock', 10, 3 ); 71 add_filter( 'wp_refresh_nonces', 'wp_refresh_post_nonces', 10, 3 );72 71 add_filter( 'heartbeat_received', 'heartbeat_autosave', 500, 2 ); 73 72 73 add_filter( 'wp_refresh_nonces', 'wp_refresh_post_nonces', 10, 3 ); 74 add_filter( 'wp_refresh_nonces', 'wp_refresh_heartbeat_nonces' ); 75 74 76 add_filter( 'heartbeat_settings', 'wp_heartbeat_set_suspension' ); 75 77 76 78 // Nav Menu hooks. 77 79 add_action( 'admin_head-nav-menus.php', '_wp_delete_orphaned_draft_menu_items' ); 78 80 79 81 // Plugin hooks. 80 82 add_filter( 'whitelist_options', 'option_update_filter' ); 81 83 82 84 // Plugin Install hooks. 83 85 add_action( 'install_plugins_featured', 'install_dashboard' ); 84 86 add_action( 'install_plugins_upload', 'install_plugins_upload' ); 85 87 add_action( 'install_plugins_search', 'display_plugins_table' ); 86 88 add_action( 'install_plugins_popular', 'display_plugins_table' ); 87 89 add_action( 'install_plugins_recommended', 'display_plugins_table' ); 88 90 add_action( 'install_plugins_new', 'display_plugins_table' ); -
wp-admin/includes/misc.php
function wp_refresh_post_nonces( $respon 1008 1008 return $response; 1009 1009 } 1010 1010 1011 1011 if ( ! current_user_can( 'edit_post', $post_id ) ) { 1012 1012 return $response; 1013 1013 } 1014 1014 1015 1015 $response['wp-refresh-post-nonces'] = array( 1016 1016 'replace' => array( 1017 1017 'getpermalinknonce' => wp_create_nonce('getpermalink'), 1018 1018 'samplepermalinknonce' => wp_create_nonce('samplepermalink'), 1019 1019 'closedpostboxesnonce' => wp_create_nonce('closedpostboxes'), 1020 1020 '_ajax_linking_nonce' => wp_create_nonce( 'internal-linking' ), 1021 1021 '_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ), 1022 1022 ), 1023 'heartbeatNonce' => wp_create_nonce( 'heartbeat-nonce' ),1024 1023 ); 1025 1024 } 1026 1025 1027 1026 return $response; 1028 1027 } 1029 1028 1030 1029 /** 1030 * Add the latest Heartbeat and REST-API nonce to the Heartbeat response. 1031 * 1032 * @since 5.0.0 1033 * 1034 * @param array $response The Heartbeat response. 1035 * @return array The Heartbeat response. 1036 */ 1037 function wp_refresh_heartbeat_nonces( $response ) { 1038 // Refresh the Rest API nonce. 1039 $response['rest_nonce'] = wp_create_nonce( 'wp_rest' ); 1040 // TEMPORARY: Compat with api-fetch library 1041 $response['rest-nonce'] = $response['rest_nonce']; 1042 1043 // Refresh the Heartbeat nonce. 1044 $response['heartbeat_nonce'] = wp_create_nonce( 'heartbeat-nonce' ); 1045 return $response; 1046 } 1047 1048 /** 1031 1049 * Disable suspension of Heartbeat on the Add/Edit Post screens. 1032 1050 * 1033 1051 * @since 3.8.0 1034 1052 * 1035 1053 * @global string $pagenow 1036 1054 * 1037 1055 * @param array $settings An array of Heartbeat settings. 1038 1056 * @return array Filtered Heartbeat settings. 1039 1057 */ 1040 1058 function wp_heartbeat_set_suspension( $settings ) { 1041 1059 global $pagenow; 1042 1060 1043 1061 if ( 'post.php' === $pagenow || 'post-new.php' === $pagenow ) { 1044 1062 $settings['suspension'] = 'disable'; 1045 1063 } -
wp-includes/js/heartbeat.js
300 300 case 'parsererror': 301 301 case 'empty': 302 302 case 'unknown': 303 303 settings.errorcount++; 304 304 305 305 if ( settings.errorcount > 2 && settings.hasConnected ) { 306 306 trigger = true; 307 307 } 308 308 309 309 break; 310 310 } 311 311 312 312 if ( trigger && ! hasConnectionError() ) { 313 313 settings.connectionError = true; 314 314 $document.trigger( 'heartbeat-connection-lost', [error, status] ); 315 wp.hooks.doAction( 'heartbeat.connection-lost', error, status ); 315 316 } 316 317 } 317 318 } 318 319 319 320 /** 320 321 * Clear the error state and fire an event 321 322 * 322 323 * @access private 323 324 * 324 325 * @return void 325 326 */ 326 327 function clearErrorState() { 327 328 // Has connected successfully 328 329 settings.hasConnected = true; 329 330 330 331 if ( hasConnectionError() ) { 331 332 settings.errorcount = 0; 332 333 settings.connectionError = false; 333 334 $document.trigger( 'heartbeat-connection-restored' ); 335 wp.hooks.doAction( 'heartbeat.connection-restored' ); 334 336 } 335 337 } 336 338 337 339 /** 338 340 * Gather the data and connect to the server 339 341 * 340 342 * @access private 341 343 * 342 344 * @return void 343 345 */ 344 346 function connect() { 345 347 var ajaxData, heartbeatData; 346 348 347 349 // If the connection to the server is slower than the interval, 348 350 // heartbeat connects as soon as the previous connection's response is received. 349 351 if ( settings.connecting || settings.suspend ) { 350 352 return; 351 353 } 352 354 353 355 settings.lastTick = time(); 354 356 355 357 heartbeatData = $.extend( {}, settings.queue ); 356 358 // Clear the data queue, anything added after this point will be send on the next tick 357 359 settings.queue = {}; 358 360 359 361 $document.trigger( 'heartbeat-send', [ heartbeatData ] ); 362 wp.hooks.doAction( 'heartbeat.send', heartbeatData ); 360 363 361 364 ajaxData = { 362 365 data: heartbeatData, 363 366 interval: settings.tempInterval ? settings.tempInterval / 1000 : settings.mainInterval / 1000, 364 367 _nonce: typeof window.heartbeatSettings === 'object' ? window.heartbeatSettings.nonce : '', 365 368 action: 'heartbeat', 366 369 screen_id: settings.screenId, 367 370 has_focus: settings.hasFocus 368 371 }; 369 372 370 373 if ( 'customize' === settings.screenId ) { 371 374 ajaxData.wp_customize = 'on'; 372 375 } 373 376 374 377 settings.connecting = true; … … 381 384 }).always( function() { 382 385 settings.connecting = false; 383 386 scheduleNextTick(); 384 387 }).done( function( response, textStatus, jqXHR ) { 385 388 var newInterval; 386 389 387 390 if ( ! response ) { 388 391 setErrorState( 'empty' ); 389 392 return; 390 393 } 391 394 392 395 clearErrorState(); 393 396 394 397 if ( response.nonces_expired ) { 395 398 $document.trigger( 'heartbeat-nonces-expired' ); 399 wp.hooks.doAction( 'heartbeat.nonces-expired' ); 396 400 } 397 401 398 402 // Change the interval from PHP 399 403 if ( response.heartbeat_interval ) { 400 404 newInterval = response.heartbeat_interval; 401 405 delete response.heartbeat_interval; 402 406 } 403 407 408 // Update the heartbeat nonce if set. 409 if ( response.heartbeat_nonce && typeof window.heartbeatSettings === 'object' ) { 410 window.heartbeatSettings.nonce = response.heartbeat_nonce; 411 delete response.heartbeat_nonce; 412 } 413 414 // Update the Rest API nonce if set and wp-api loaded. 415 if ( response.rest_nonce && typeof window.wpApiSettings === 'object' ) { 416 window.wpApiSettings.nonce = response.rest_nonce; 417 // This nonce is required for api-fetch through heartbeat.tick. 418 // delete response.rest_nonce; 419 } 420 404 421 $document.trigger( 'heartbeat-tick', [response, textStatus, jqXHR] ); 422 wp.hooks.doAction( 'heartbeat.tick', response, textStatus, jqXHR ); 405 423 406 424 // Do this last, can trigger the next XHR if connection time > 5 sec. and newInterval == 'fast' 407 425 if ( newInterval ) { 408 426 interval( newInterval ); 409 427 } 410 428 }).fail( function( jqXHR, textStatus, error ) { 411 429 setErrorState( textStatus || 'unknown', jqXHR.status ); 412 430 $document.trigger( 'heartbeat-error', [jqXHR, textStatus, error] ); 431 wp.hooks.doAction( 'heartbeat.error', jqXHR, textStatus, error ); 413 432 }); 414 433 } 415 434 416 435 /** 417 436 * Schedule the next connection 418 437 * 419 438 * Fires immediately if the connection time is longer than the interval. 420 439 * 421 440 * @access private 422 441 * 423 442 * @return void 424 443 */ 425 444 function scheduleNextTick() { 426 445 var delta = time() - settings.lastTick, 427 446 interval = settings.mainInterval; -
wp-includes/script-loader.php
function wp_default_scripts( &$scripts ) 857 857 $scripts->add( 'wp-api-request', "/wp-includes/js/api-request$suffix.js", array( 'jquery' ), false, 1 ); 858 858 // `wpApiSettings` is also used by `wp-api`, which depends on this script. 859 859 did_action( 'init' ) && $scripts->localize( 'wp-api-request', 'wpApiSettings', array( 860 860 'root' => esc_url_raw( get_rest_url() ), 861 861 'nonce' => ( wp_installing() && ! is_multisite() ) ? '' : wp_create_nonce( 'wp_rest' ), 862 862 'versionString' => 'wp/v2/', 863 863 ) ); 864 864 865 865 $scripts->add( 'wp-pointer', "/wp-includes/js/wp-pointer$suffix.js", array( 'jquery-ui-widget', 'jquery-ui-position' ), '20111129a', 1 ); 866 866 did_action( 'init' ) && $scripts->localize( 'wp-pointer', 'wpPointerL10n', array( 867 867 'dismiss' => __('Dismiss'), 868 868 ) ); 869 869 870 870 $scripts->add( 'autosave', "/wp-includes/js/autosave$suffix.js", array('heartbeat'), false, 1 ); 871 871 872 $scripts->add( 'heartbeat', "/wp-includes/js/heartbeat$suffix.js", array( 'jquery'), false, 1 );872 $scripts->add( 'heartbeat', "/wp-includes/js/heartbeat$suffix.js", array( 'jquery', 'wp-hooks' ), false, 1 ); 873 873 did_action( 'init' ) && $scripts->localize( 'heartbeat', 'heartbeatSettings', 874 874 /** 875 875 * Filters the Heartbeat settings. 876 876 * 877 877 * @since 3.6.0 878 878 * 879 879 * @param array $settings Heartbeat settings array. 880 880 */ 881 881 apply_filters( 'heartbeat_settings', array() ) 882 882 ); 883 883 884 884 $scripts->add( 'wp-auth-check', "/wp-includes/js/wp-auth-check$suffix.js", array('heartbeat'), false, 1 ); 885 885 did_action( 'init' ) && $scripts->localize( 'wp-auth-check', 'authcheckL10n', array( 886 886 'beforeunload' => __('Your session has expired. You can log in again from this page or go to the login page.'), 887 887