Opened 10 years ago
Last modified 5 years ago
#31189 new defect (bug)
Widgets editing screen don't handle expired nonces gracefully
Reported by: | dd32 | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | Widgets | Keywords: | needs-patch |
Focuses: | Cc: |
Description
The Widgets screen doesn't handle an expired nonce gracefully, and can result in the user thinking something saved, when in actual fact it was silently discarded.
For example
- Adding/Removing Widgets appears to work, doesn't take effect
- Editing a Text Widget (or any titles of other widgets) and hitting save will result in a spinner, and then disappear the same way a successful save operates, even though the ajax calls returned
-1
to signify a nonce error / not logged in error
Change History (6)
Note: See
TracTickets for help on using
tickets.
The easiest way to trigger this scenario is to run
jQuery( '#_wpnonce_widgets' ).val('123456')
in the console.