WordPress.org

Make WordPress Core

Changeset 44610


Ignore:
Timestamp:
01/16/2019 03:53:42 AM (14 months ago)
Author:
pento
Message:

Posts: Set a HTTP 403 error when an incorrect post preview nonce is sent.

Props graymouser.
Fixes #43570.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/revision.php

    r43571 r44610  
    583583
    584584        if ( false === wp_verify_nonce( $_GET['preview_nonce'], 'post_preview_' . $id ) ) {
    585             wp_die( __( 'Sorry, you are not allowed to preview drafts.' ) );
     585            wp_die( __( 'Sorry, you are not allowed to preview drafts.' ), 403 );
    586586        }
    587587
Note: See TracChangeset for help on using the changeset viewer.