WordPress.org
Get WordPress

Plugin Directory

Changeset 3385612


Ignore:
Timestamp:
10/28/2025 06:20:42 AM (3 months ago)
Author:
lev0
Message:

Bump tested to + configurable constant

Location:
noncensible
Files:
4 added
4 edited
1 copied

Legend:

Unmodified
Added
Removed

  • noncensible/tags/1.2.0/noncensible.php

    r3081801 r3385612  
    33Plugin Name: Noncensible
    44Description: Plugs some default WordPress functions to ensure nonces have a guaranteed lifespan. This ensures forms, actions, and URLs do not expire prematurely.
    5 Version: 1.1.0
     5Version: 1.2.0
    66Requires at least: 2.5.0
    77Requires PHP: 5.4.0
     
    1111*/
    1212
    13 const NONCENSIBLE_TICKS_PER_NONCE_LIFE = 8;
     13if (!defined('NONCENSIBLE_TICKS_PER_NONCE_LIFE')) {
     14    define('NONCENSIBLE_TICKS_PER_NONCE_LIFE', 8);
     15}
    1416
    1517if (
    16     !(
     18    is_int(NONCENSIBLE_TICKS_PER_NONCE_LIFE)
     19    && !(
    1720        function_exists('wp_nonce_tick')
    1821        || function_exists('wp_verify_nonce')
     
    2326     * Returns the time-dependent variable for nonce creation.
    2427     *
    25      * A nonce has a lifespan of eight ticks. Nonces in their fifth tick onwards
    26      * (equivalent to core's second tick) may be updated, e.g. by autosave.
     28     * A nonce has a lifespan of eight ticks (by default). Nonces in the second half of
     29     * their lifespan (equivalent to core's second tick) may be updated, e.g. by autosave.
    2730     *
    2831     * @return float Float value rounded up to the next highest integer.

  • noncensible/tags/1.2.0/readme.txt

    r3081798 r3385612  
    33Tags: nonce, optimize, cache, performance, stability, security
    44Requires at least: 2.5.0
    5 Tested up to: 6.5.2
    6 Stable tag: 1.1.0
     5Tested up to: 6.8.3
     6Stable tag: 1.2.0
    77Requires PHP: 5.4.0
    88License: GPLv2 or later
     
    1515The core functions' documentation states that nonces, small validity tokens used throughout WordPress core and other plugins, have a lifespan of 1 day, however they can last as little as half that time. For common usage that may not be a problem, but if that lifespan is relied upon in any meaningful way, inexplicable failures can occur. For example, filters that shorten the lifespan may randomly make it difficult to complete some tasks before their nonce expires. Very long lifespans, such as those set by many caching and SEO optimization plugins, can result in forms and other actions suddenly breaking before the cached content expires and new nonces get generated. Imagine a contact form that's cached for a week but stops working after 4 days, then starts working again if that cache is cleared. A cursory search for terms like `caching nonce expired wordpress` yields many results for relevant problems.
    1616
    17 This plugin guarantees a nonce will last _at least_ as long as it's intended to, but up to ⅛ of a lifepsan more. By default, this means a nonce will last from 24 up to 27 hours, rather than anywhere from 12 to 24 hours. It was created because it was inappropriate to change the behaviour of such old code (in [ticket #53236](https://core.trac.wordpress.org/ticket/53236)) because the functions are pluggable.
     17This plugin guarantees a nonce will last _at least_ as long as it's intended to, but up to ⅛ of a lifepsan more. By default, this means a nonce will last from 24 up to 27 hours, rather than anywhere from 12 to 24 hours. It was created because changing the behaviour of such old code was deemed inappropriate (in [ticket #53236](https://core.trac.wordpress.org/ticket/53236)), given the functions are pluggable.
    1818
    1919Hourglass icon by [mavadee](https://www.flaticon.com/authors/mavadee).
     
    23231. Install the plugin in the usual way, through the admin interface by uploading manually or searching on the **Plugins** page.
    24242. Clear *all* caching plugins' content.
    25 3. Test that forms, etc. on your site are still working. You may need to force-reload affected pages, or clear your browser's cache.
     253. Test that forms, etc. on your site are still working. You may need to force-reload affected pages first, and clear your browser's cache.
    2626
    2727== Changelog ==
    2828
     29= 1.2.0 =
     30Make the `NONCENSIBLE_TICKS_PER_NONCE_LIFE` constant overridable in config, in case you want lower or higher resolution than 8, but still need the guaranteed lifespan.
     31
    2932= 1.1.0 =
    3033Compatibility with WP v6.1: passing `wp_verify_nonce()`'s `$action` parameter to `wp_nonce_tick()`.

  • noncensible/trunk/noncensible.php

    r3081801 r3385612  
    33Plugin Name: Noncensible
    44Description: Plugs some default WordPress functions to ensure nonces have a guaranteed lifespan. This ensures forms, actions, and URLs do not expire prematurely.
    5 Version: 1.1.0
     5Version: 1.2.0
    66Requires at least: 2.5.0
    77Requires PHP: 5.4.0
     
    1111*/
    1212
    13 const NONCENSIBLE_TICKS_PER_NONCE_LIFE = 8;
     13if (!defined('NONCENSIBLE_TICKS_PER_NONCE_LIFE')) {
     14    define('NONCENSIBLE_TICKS_PER_NONCE_LIFE', 8);
     15}
    1416
    1517if (
    16     !(
     18    is_int(NONCENSIBLE_TICKS_PER_NONCE_LIFE)
     19    && !(
    1720        function_exists('wp_nonce_tick')
    1821        || function_exists('wp_verify_nonce')
     
    2326     * Returns the time-dependent variable for nonce creation.
    2427     *
    25      * A nonce has a lifespan of eight ticks. Nonces in their fifth tick onwards
    26      * (equivalent to core's second tick) may be updated, e.g. by autosave.
     28     * A nonce has a lifespan of eight ticks (by default). Nonces in the second half of
     29     * their lifespan (equivalent to core's second tick) may be updated, e.g. by autosave.
    2730     *
    2831     * @return float Float value rounded up to the next highest integer.

  • noncensible/trunk/readme.txt

    r3081798 r3385612  
    33Tags: nonce, optimize, cache, performance, stability, security
    44Requires at least: 2.5.0
    5 Tested up to: 6.5.2
    6 Stable tag: 1.1.0
     5Tested up to: 6.8.3
     6Stable tag: 1.2.0
    77Requires PHP: 5.4.0
    88License: GPLv2 or later
     
    1515The core functions' documentation states that nonces, small validity tokens used throughout WordPress core and other plugins, have a lifespan of 1 day, however they can last as little as half that time. For common usage that may not be a problem, but if that lifespan is relied upon in any meaningful way, inexplicable failures can occur. For example, filters that shorten the lifespan may randomly make it difficult to complete some tasks before their nonce expires. Very long lifespans, such as those set by many caching and SEO optimization plugins, can result in forms and other actions suddenly breaking before the cached content expires and new nonces get generated. Imagine a contact form that's cached for a week but stops working after 4 days, then starts working again if that cache is cleared. A cursory search for terms like `caching nonce expired wordpress` yields many results for relevant problems.
    1616
    17 This plugin guarantees a nonce will last _at least_ as long as it's intended to, but up to ⅛ of a lifepsan more. By default, this means a nonce will last from 24 up to 27 hours, rather than anywhere from 12 to 24 hours. It was created because it was inappropriate to change the behaviour of such old code (in [ticket #53236](https://core.trac.wordpress.org/ticket/53236)) because the functions are pluggable.
     17This plugin guarantees a nonce will last _at least_ as long as it's intended to, but up to ⅛ of a lifepsan more. By default, this means a nonce will last from 24 up to 27 hours, rather than anywhere from 12 to 24 hours. It was created because changing the behaviour of such old code was deemed inappropriate (in [ticket #53236](https://core.trac.wordpress.org/ticket/53236)), given the functions are pluggable.
    1818
    1919Hourglass icon by [mavadee](https://www.flaticon.com/authors/mavadee).
     
    23231. Install the plugin in the usual way, through the admin interface by uploading manually or searching on the **Plugins** page.
    24242. Clear *all* caching plugins' content.
    25 3. Test that forms, etc. on your site are still working. You may need to force-reload affected pages, or clear your browser's cache.
     253. Test that forms, etc. on your site are still working. You may need to force-reload affected pages first, and clear your browser's cache.
    2626
    2727== Changelog ==
    2828
     29= 1.2.0 =
     30Make the `NONCENSIBLE_TICKS_PER_NONCE_LIFE` constant overridable in config, in case you want lower or higher resolution than 8, but still need the guaranteed lifespan.
     31
    2932= 1.1.0 =
    3033Compatibility with WP v6.1: passing `wp_verify_nonce()`'s `$action` parameter to `wp_nonce_tick()`.
Note: See TracChangeset for help on using the changeset viewer.