WordPress.org

Make WordPress Core

Opened 6 years ago

Last modified 3 years ago

#27916 new enhancement

Add New Post screen nonce failure should redirect to Edit Post screen

Reported by: jdgrimes Owned by:
Milestone: Future Release Priority: normal
Severity: normal Version:
Component: Administration Keywords: needs-patch
Focuses: Cc:
PR Number:

Description

Last night I added a new post, but I didn't publish it, I just left the Add New post screen open. I did a few other things and then put the computer to sleep. This morning I got up, checked the draft, and then hit publish. But the nonces had expired, so I was shown the "Are you sure you want to do this?" screen. I hit "try again", but I was returned to the Add New Post screen. I really thought I had lost the post. (Oh, the agony.) Fortunately, I really hadn't, because it was saved as a draft. But it really scared me.

Instead of causing folks to have a heart-attack, we could direct them to the Edit Post screen with the draft they were working on loaded, instead of the Add new post screen.

Change History (4)

#1 @jdgrimes
6 years ago

Kind of related: #24447

#2 @SergeyBiryukov
6 years ago

  • Component changed from General to Administration

#3 @wonderboymusic
4 years ago

  • Keywords needs-patch added
  • Milestone changed from Awaiting Review to Future Release

#4 @csloisel
3 years ago

So this is redirecting to the referring page and raises some questions around the desired user experience. The current implementation may be the best case scenario. I would consider this an edge case in the publishing workflow where it is arguably a fair consequence for not saving drafts, which would be the ideal and intended workflow.

The only alternatives that come to mind would be to force the user to the draft page on first auto-draft, either by window state change or redirect; or rework how the nonce is validating for actions on post-new.php. Forcing the user to a new page during editing doesn't seem like a good experience, and at a glance the latter option may require some pretty far-reaching changes into core and feels like more trouble than it's worth.

Last edited 3 years ago by csloisel (previous) (diff)
Note: See TracTickets for help on using tickets.