Make WordPress Core

Opened 13 years ago

Closed 13 years ago

Last modified 12 years ago

#20876 closed defect (bug) (fixed)

Customizer: Some error handling should be included, e.g. for cookie expiration

Reported by: ocean90's profile ocean90 Owned by: ryan's profile ryan
Milestone: 3.4 Priority: normal
Severity: normal Version: 3.4
Component: Customize Keywords: has-patch commit
Focuses: Cc:

Description

You are customizing your theme and suddenly your cookies are expired, then the Customizer doesn't show any notice.

Changes via postMessage are still visible, but changes which need an iframe refresh aren't visible, since the server response is an error. It includes the HTML page for the Cheatin’ uh? message.

Another problem is, when you try to save the changes. You can click the button, you will see the spinning image and the button text is changing to Saved. But it doesn't save anything, because the server response is an error again. Now a raw Cheatin’ uh? message.

Seems like we need an extra wp_die handler for the Customizer.

Attachments (7)

20876.patch (1.1 KB) - added by ocean90 13 years ago.
20876.2.patch (2.3 KB) - added by ocean90 13 years ago.
20876.3.patch (2.7 KB) - added by ocean90 13 years ago.
20876.4.patch (10.4 KB) - added by koopersmith 13 years ago.
20876.5.patch (10.4 KB) - added by koopersmith 13 years ago.
20876.diff (11.8 KB) - added by nacin 13 years ago.
20876.2.diff (14.8 KB) - added by koopersmith 13 years ago.

Download all attachments as: .zip

Change History (19)

@ocean90
13 years ago

#1 @ocean90
13 years ago

20876.patch is a first approach to handle error messages for iframe reloads.

@ocean90
13 years ago

@ocean90
13 years ago

#2 @nacin
13 years ago

  • Owner set to koopersmith
  • Status changed from new to assigned

The PHP should be considered done here. koopersmith is working on the JS.

I might step in and help with refreshing second-tick nonces if we find that to be something we should address.

#3 @koopersmith
13 years ago

Latest patch adds JS to handle logins in the customizer (so you don't lose state), and handles cheaters.

#4 @koopersmith
13 years ago

  • Keywords has-patch added; needs-patch removed

Does not handle nonce refreshing.

#5 @koopersmith
13 years ago

Updated to handle conflicts with trunk, add IFRAME_REQUEST to customize.php (which prevents is_admin_bar_showing() from returning true, amongst other things), and moves the wp-login customize enqueue_script to the necessary step. Also gets rid of debug cruft.

@nacin
13 years ago

#6 @nacin
13 years ago

20876.diff implements a nonce check for ajax previews, via the customize-preview-$stylesheet nonce. (Saves are already implemented with customize-controls-$stylesheet.) The preview nonce is then check for its nonce tick, and if in the second half of its life, fresh nonces are returned for both customize-controls and customize-preview. koopersmith will be cleaning up the JS and ensuring that, if new nonces are returned, they begin to get used for future previews and saves.

#7 @koopersmith
13 years ago

Adds nonce updating.

@koopersmith
13 years ago

#8 @nacin
13 years ago

  • Keywords commit added
  • Owner changed from koopersmith to ryan
  • Status changed from assigned to reviewing

20876.2.diff looks good. Ready for final review.

#9 @ocean90
13 years ago

Tested all three states, works fine for me.

#10 @ryan
13 years ago

  • Resolution set to fixed
  • Status changed from reviewing to closed

In [21031]:

Customizer: Gravefully handle cookie expipration. Prompt for log in in the preview. Props ocean90, koopersmith, nacin. fixes #20876

#11 @nacin
12 years ago

In [21135]:

Refresh nonces in the customizer. props koopersmith. see #20876.

#12 @nacin
12 years ago

In [21136]:

Refresh nonces in the customizer. props koopersmith. see #20876 for 3.4.

Note: See TracTickets for help on using tickets.