From f888c5cbbb623e2663e7700a6e3bfc63cf96195a Mon Sep 17 00:00:00 2001 From: Peter Wilson Date: Tue, 9 Nov 2021 23:09:00 +0000 Subject: [PATCH] Login and Registration: Improve messaging for invalid log-out nonces. Clarify messaging of when `wp_nonce_ays('log-out')` is called due to an invalid log out nonce. The HTML title now describes the action being taken rather than using the generic text "something went wrong". Props davidkryzaniak, hellofromTonya, peterwilsoncc. Fixes #52600. Built from https://develop.svn.wordpress.org/trunk@52088 git-svn-id: http://core.svn.wordpress.org/trunk@51680 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/functions.php | 9 +++++++-- wp-includes/version.php | 2 +- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/wp-includes/functions.php b/wp-includes/functions.php index 58d762df80..b71a83761c 100644 --- a/wp-includes/functions.php +++ b/wp-includes/functions.php @@ -3469,12 +3469,17 @@ function get_allowed_mime_types( $user = null ) { * @param string $action The nonce action. */ function wp_nonce_ays( $action ) { + // Default title and response code. + $title = __( 'Something went wrong.' ); + $response_code = 403; + if ( 'log-out' === $action ) { - $html = sprintf( + $title = sprintf( /* translators: %s: Site title. */ __( 'You are attempting to log out of %s' ), get_bloginfo( 'name' ) ); + $html = $title; $html .= '

'; $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : ''; $html .= sprintf( @@ -3494,7 +3499,7 @@ function wp_nonce_ays( $action ) { } } - wp_die( $html, __( 'Something went wrong.' ), 403 ); + wp_die( $html, $title, $response_code ); } /** diff --git a/wp-includes/version.php b/wp-includes/version.php index 864bd018d1..c63506ba7a 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -16,7 +16,7 @@ * * @global string $wp_version */ -$wp_version = '5.9-alpha-52087'; +$wp_version = '5.9-alpha-52088'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.