Avoid losing data after nonces expire
|Reported by:||azaozz||Owned by:|
Happens when an admin page containing a form is left open for more than 24 hours and the user decides to submit the form. This is quite rare for most admin pages as the users typically spend short time there. However this can happen on the Edit Post screen too despite that we refresh the basic nonces every wp_nonce_tick (12 hours):
- The user starts new post.
- At some point the Internet connection is lost.
- The user decides to finish later and puts the computer to sleep (closes the laptop, etc.).
- The user decides to continue writing more than 24 hours after that.
At this point all nonces have expired and cannot be updated as we've missed the previous nonce_tick update.
Change History (16)
comment:4 @aaroncampbell — 2 years ago
- Summary changed from Avoid loosing data after nonces expire to Avoid losing data after nonces expire