WordPress/wp-admin
Dominik Schilling 6d2c70aa0d Customizer: Refresh nonces when a session expires and the user logs in again.
This was broken since 4.0 and the introduction of user session tokens. The nonces are now tied to session tokens as opposed to user IDs, and thus they change with each re-login.
Custom nonces can be added through the `customize_refresh_nonces` filter. On a successful refresh request the JavaScript API will trigger a `nonce-refresh` event. See widget's update nonce as an example.

props westonruter for initial patch.
fixes #31294.
Built from https://develop.svn.wordpress.org/trunk@32054


git-svn-id: http://core.svn.wordpress.org/trunk@32033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-06 15:10:27 +00:00
..
css Update more instances of default admin blues and grays. 2015-04-05 21:20:27 +00:00
images Update more instances of default admin blues and grays. 2015-04-05 21:20:27 +00:00
includes Update more instances of default admin blues and grays. 2015-04-05 21:20:27 +00:00
js Customizer: Refresh nonces when a session expires and the user logs in again. 2015-04-06 15:10:27 +00:00
maint Remove the WordPress logo from the focusable elements on the install/update screens. Fixes #28674. Props stompweb 2014-06-29 14:10:15 +00:00
network After [31941], use the decoupled strings from `wp-admin/network/themes.php` in `wp-admin/network/site-themes.php` as well. 2015-04-05 14:58:27 +00:00
user Ensure the requires for the admin bootstrap are documented in all wp-admin/user/ files. 2014-11-04 16:32:22 +00:00
about.php Use correct closing tag for "Under the Hood" header on About screen. 2015-02-22 16:44:25 +00:00
admin-ajax.php PressThis v2, first run. Props michael-arestad, stephdau, marcelomazza, DrewAPicture, iseulde, afercia, kraftbj, rachelbaker, AramZS, dd32. See #31373. 2015-02-25 01:50:26 +00:00
admin-footer.php Accessibility: Add landmark roles to WordPress admin areas. 2015-04-01 13:17:27 +00:00
admin-functions.php First there were two, and now there are three -- in the @since versions that came before and that shall be. And so it will be, says nacin. 2013-12-24 18:57:12 +00:00
admin-header.php Accessibility: Add landmark roles to WordPress admin areas. 2015-04-01 13:17:27 +00:00
admin-post.php Docs Formatting: Backtick-escape inline code for all dynamic hook docs in wp-admin/*. 2014-11-30 11:42:24 +00:00
admin.php Avoid confusion by clarifying an inline comment on logic for performing multisite upgrades. 2015-01-29 11:53:21 +00:00
async-upload.php Prevent IE9 and lower displaying the download file dialogue when attempting to upload using the `html4` Plupload handler. 2015-02-12 01:15:29 +00:00
comment.php Comments: Fix undefined `$comment_url` variable notice, introduced in [31641]. 2015-03-10 14:51:26 +00:00
credits.php About page, text only (not released for translation), first pass. 2014-12-11 10:16:22 +00:00
custom-background.php In HTML5, the `action` attribute is no longer required. Remove this attribute when empty. 2015-01-16 04:16:24 +00:00
custom-header.php Make a new function, `wp_delete_file()`. Use it. 2015-02-27 16:51:25 +00:00
customize.php Customizer: Improve the overlay close button for iOS. 2015-04-02 17:16:28 +00:00
edit-comments.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
edit-form-advanced.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
edit-form-comment.php Remove ambiguity in the time display format in core, switches to using 24hr notation where am/pm isn't specified. 2015-03-23 02:14:27 +00:00
edit-link-form.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
edit-tag-form.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
edit-tags.php Fix Docblock syntax for the `taxonomy_parent_dropdown_args` filter. 2015-04-04 14:13:27 +00:00
edit.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
export.php In HTML5, the `action` attribute is no longer required. Remove this attribute when empty. 2015-01-16 04:16:24 +00:00
freedoms.php About page, text only (not released for translation), first pass. 2014-12-11 10:16:22 +00:00
import.php List tables: Use CSS :nth-child() selectors for zebra striping. 2015-01-14 22:14:22 +00:00
index.php Ensure inline code is markdown-escaped as such, HTML tags are removed from summaries, and that code snippets in descriptions are properly indented. 2014-11-24 05:39:22 +00:00
install-helper.php Ensure inline code is markdown-escaped as such, HTML tags are removed from summaries, and that code snippets in descriptions are properly indented. 2014-11-24 05:47:23 +00:00
install.php Remove duplicate label on installation screen. 2015-01-25 19:39:23 +00:00
link-add.php Don't rely on include_path to include files. 2013-09-25 00:18:11 +00:00
link-manager.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
link-parse-opml.php Remove unnecessary `echo()`, add translator comment. 2015-04-02 19:01:27 +00:00
link.php Fix syntax for single- and multi-line comments in wp-admin-directory files. 2014-07-17 09:14:16 +00:00
load-scripts.php When outputting JS with a `Content-Type` header: 2015-01-03 02:57:21 +00:00
load-styles.php Simplify the setup-config.php UI flow and load process. 2014-07-03 19:57:14 +00:00
media-new.php Use SSL when linking to WordPress.org. see #27115. 2014-03-08 04:14:15 +00:00
media-upload.php Remove an extra indent from most of media-new.php. 2015-02-03 07:47:22 +00:00
media.php In HTML5, the `action` attribute is no longer required. Remove this attribute when empty. 2015-01-16 04:16:24 +00:00
menu-header.php Accessibility: Add landmark roles to WordPress admin areas. 2015-04-01 13:17:27 +00:00
menu.php Introduce delete_site meta capability. 2015-03-08 02:10:30 +00:00
moderation.php Don't rely on include_path to include files. 2013-09-25 00:18:11 +00:00
ms-admin.php Don't rely on include_path to include files. 2013-09-25 00:18:11 +00:00
ms-delete-site.php Introduce delete_site meta capability. 2015-03-08 02:10:30 +00:00
ms-edit.php Don't rely on include_path to include files. 2013-09-25 00:18:11 +00:00
ms-options.php Don't rely on include_path to include files. 2013-09-25 00:18:11 +00:00
ms-sites.php Don't rely on include_path to include files. 2013-09-25 00:18:11 +00:00
ms-themes.php Don't rely on include_path to include files. 2013-09-25 00:18:11 +00:00
ms-upgrade-network.php Don't rely on include_path to include files. 2013-09-25 00:18:11 +00:00
ms-users.php Don't rely on include_path to include files. 2013-09-25 00:18:11 +00:00
my-sites.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
nav-menus.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
network.php Remove unused `printf()` on network setup screen. 2015-04-01 17:01:26 +00:00
options-discussion.php Add a more descriptive function summary for `options_discussion_add_js()`. 2015-04-04 14:16:27 +00:00
options-general.php Spinners: Toggle a class instead of show/hide. 2015-04-03 04:52:27 +00:00
options-head.php Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 2013-03-01 17:14:09 +00:00
options-media.php Use SSL when linking to WordPress.org. see #27115. 2014-03-08 04:14:15 +00:00
options-permalink.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
options-reading.php Inline `<script>`s that are only printed in the admin for pages that are served with the HTML5 doctype absolutely do not need `CDATA` comments. 2015-01-03 05:46:25 +00:00
options-writing.php Press This: Remove obsolete help tab in Settings -> Writing. 2015-03-12 02:37:27 +00:00
options.php Switch to a `403` response code in places where it is more appropriate than a `500` due to permissions errors. 2014-11-16 06:16:22 +00:00
plugin-editor.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
plugin-install.php Request FTP and SSH credentials when needed during shiny updates 2015-03-18 03:18:27 +00:00
plugins.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
post-new.php Admin globals: 2015-01-10 05:29:22 +00:00
post.php When adding `post_type` to `$sendback` in `wp-admin/post.php`, use `add_query_arg()` instead of string concatenation. 2015-03-05 22:31:24 +00:00
press-this.php PressThis v2, first run. Props michael-arestad, stephdau, marcelomazza, DrewAPicture, iseulde, afercia, kraftbj, rachelbaker, AramZS, dd32. See #31373. 2015-02-25 01:50:26 +00:00
profile.php Don't rely on include_path to include files. 2013-09-25 00:18:11 +00:00
revision.php Add a single responsibility function for outputting Revisions JS templates: `wp_print_revision_templates()`. 2014-11-01 00:15:24 +00:00
setup-config.php WPDB: If a site is using the `utf8` charset, and their version of MySQL supports `utf8mb4`, auto-upgrade them to `utf8mb4`. 2015-02-06 04:51:22 +00:00
theme-editor.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
theme-install.php Accessibility improvements for Themes screen: fix keyboard events and callbacks for the Search field, increase trigger timeout a bit, improve Esc. key handling. 2015-04-03 02:32:28 +00:00
themes.php Accessibility improvements for Themes screen: fix keyboard events and callbacks for the Search field, increase trigger timeout a bit, improve Esc. key handling. 2015-04-03 02:32:28 +00:00
tools.php Press This: Use more accurate wording on Tools screen. 2015-04-02 01:30:28 +00:00
update-core.php Upgrades: Specifically pass the 'version' and 'locale' POST vars through the Core Update FTP credentials form. 2015-02-24 03:01:25 +00:00
update.php Accessibility improvements for Themes screen: fix keyboard events and callbacks for the Search field, increase trigger timeout a bit, improve Esc. key handling. 2015-04-03 02:32:28 +00:00
upgrade-functions.php First there were two, and now there are three -- in the @since versions that came before and that shall be. And so it will be, says nacin. 2013-12-24 18:57:12 +00:00
upgrade.php There are a few functions that have the ability to return `false` instead of a string, so the return value should be checked before being passed to functions that expect string. 2015-03-09 02:11:28 +00:00
upload.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
user-edit.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
user-new.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
users.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00
widgets.php Admin notices: Make (most) core notices dismissible. 2015-04-01 22:06:28 +00:00