#42433 closed defect (bug) (fixed)
Customize: Frontend preview link URL erroneously gets customize_autosaved param
Reported by: | westonruter | Owned by: | westonruter |
---|---|---|---|
Milestone: | 4.9 | Priority: | normal |
Severity: | normal | Version: | 4.9 |
Component: | Customize | Keywords: | has-patch commit dev-reviewed |
Focuses: | Cc: |
Description
In [41969] (for #39896) the logic for getFrontendPreviewUrl
was updated to include additional query params to better reflect the current state of the Customizer. However, the logic for including customize_autosaved
is currently broken, resulting in the param being added when it shouldn't (e.g. when in saved
saved). In any case, the Preview Link control disables when not in a saved
state since frontend URL is not intended to be shared when not in a saved state. The only reason for including customize_autosaved
here was for power users who wanted to manually right-click on the link to view the autosaved revision on the frontend. However, the parameter is not getting removed when going back into the saved
state, so it should just be removed for now.
Attachments (4)
Change History (15)
This ticket was mentioned in Slack in #core-committers by westonruter. View the logs.
7 years ago
This ticket was mentioned in Slack in #core by jeffpaul. View the logs.
7 years ago
#5
@
7 years ago
@obenland Having the autosave param present could lead to unexpected results whereby a previewer sees changes that the author doesn't intend to share yet.
This issue is compounded further as I just found and patched in 42433.1.diff whereby wp_get_post_autosave()
will return the latest autosave revision for _any_ user if 0
is passed in.
To reproduce:
- Make a change in the customizer to the site title.
- Save draft
- Make a second change and Save Draft again (this will result in
customize_autosaved=on
being left on the preview URL). - Open the preview link in another tab (with
customize_autosaved=on
present) - Make a third change to the site title, but do not Save Draft.
- Switch to other tab (and reload) and see your third change appearing in the tab even though you did't save draft.
- Now open the preview URL from that other tab in an incognito window, and you'll see the user's autosave revision also applying there unexpectedly.
So in 42433.1.diff it also makes explicitly sure that whenever wp_get_post_autosave()
is called, it is always passed a non-zero user ID.
#6
@
7 years ago
@obenland I think 42433.1.diff can go in 4.9.1 if we just get 42433.0.diff in 4.9.
This ticket was mentioned in Slack in #core by westonruter. View the logs.
7 years ago
#8
@
7 years ago
- Keywords commit dev-reviewed added; dev-feedback removed
Okay, yes that makes sense. Let's go with 42433.0.diff
This can't wait until 4.9.1?