#21189 closed enhancement (duplicate)
We should improve the nonce failure page
Reported by: | dd32 | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | Administration | Keywords: | |
Focuses: | Cc: |
Description
Currently when a admin nonce expires, in most cases we catch this condition using check_admin_referer()
which presents expired nonces with a rather ugly uninformative error message:
I'd like to propose that we make this page a bit nicer to end users - who although are unlikely to hit it (I hope) it'd be nice to let them know what's actually happened.
My initial approach would be to change the page to
- Include a WordPress logo, and a link back to the Admin area
- Change the message to something like "The link you've followed has now expired, In order to complete the action you were performing, please return to the previous page, refresh it, and attempt to follow the link again.".
- In the case where this is happening within the WordPress admin, it would make sense to have some kind of UI on the page as well - This can currently be done by not using
check_admin_referer()
and usingwp_verify_nonce()
directly and redirecting to an error page.
The current message could often cause confusion, as of course the user wants to do it (They just followed a link!) but as there's no continue button, they're left confused.
Change History (3)
Note: See
TracTickets for help on using
tickets.
Related/duplicate: #15394