Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Nonce Middleware: Wrap the nonce middleware function into it's own function. #11347

Merged
merged 1 commit into from
Nov 1, 2018

Conversation

dd32
Copy link
Member

@dd32 dd32 commented Nov 1, 2018

Description

The nonce middleware function is re-generated on every API call, which is causing the initial nonce to always be used and the addAction() to be queued up multiple times.

Splitting this up and returning a function here solves both of the problems, and should fix #9260

How has this been tested?

To test, Set the nonce_life to 60s and have heartbeat run every 20s.
Use the editor for >2minutes (Switching images around works), you shouldn't encounter update failed messages, and the console should be clear.

add_filter( 'nonce_life', function() { return 60; } );

add_filter( 'heartbeat_settings', function( $settings ) { $settings['interval'] = 20; return $settings; } );

…nction that isn't regenerated on every API request.

This allows the nonce to be updated during pageloads.
@earnjam
Copy link
Contributor

earnjam commented Nov 1, 2018

I'll defer to @youknowriad since he wrote this code initially, but just wanted to note this is working well for me and appears to resolve the nonce issue.

It also stopped the hook from firing multiple times per heartbeat tick. Without this patch I was seeing it firing ~7 times per tick after just an initial load of the editor and not doing anything.

@youknowriad
Copy link
Contributor

The nonce middleware function is re-generated on every API call, which is causing the initial nonce to always be used and the addAction() to be queued up multiple times.

I don't think the middleware function was regenerated by each API call, I'd say, the hook function was which is not great indeed.

Copy link
Contributor

@youknowriad youknowriad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code changes look good to me 👍 And since others have tested, let's ship.

@earnjam earnjam merged commit 6808261 into WordPress:master Nov 1, 2018
@danielbachhuber danielbachhuber added this to the 4.3 milestone Nov 1, 2018
@danielbachhuber
Copy link
Member

Thanks @dd32 !

daniloercoli added a commit that referenced this pull request Nov 1, 2018
…rnmobile/port-quote-block-step-1

* 'master' of https://github.com/WordPress/gutenberg: (22 commits)
  Add removed periods to block descriptions. (#11367)
  Remove findDOMNode usage from the inserter (#11363)
  Remove deprecated componentWillReceiveProps from TinyMCE component (#11368)
  Create file blocks when dropping multiple files at once (#11297)
  Try avoiding the deprecated findDOMNode API from DropZone Provider (#11168)
  Fix: make meta+A behaviour of selecting all blocks work on safari and firefox. (#8180)
  Remove _wpGutenbergCodeEditorSettings and wp.codeEditor assets (#11342)
  Remove the Cloudflare warning (#11350)
  Image Block: Use source_url for media file link (#11254)
  Enhance styling of nextpage block using the Hr element (#11354)
  Embed block refactor and tidy (#10958)
  Nonce Middleware: Wrap the nonce middleware function into it's own function that isn't regenerated on every API request. (#11347)
  Fix RTL block alignments (#11293)
  RichText: fix buggy enter/delete behaviour (#11287)
  Remove code coverage setup (#11198)
  Parser: Runs all parser implementations against the same tests (#11320)
  Stop trying to autosave when title and classic block content both are empty. (#10404)
  Fix "Mac OS" typo + use fancy quotes consistently (#11310)
  Update documentation link paths (#11324)
  Editor: Reshape blocks state under own key (#11315)
  ...

# Conflicts:
#	gutenberg-mobile
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Renew nonce to prevent expiration and Updating failed message
4 participants