Bug #22275
closedCan't preview posts
0%
Description
As of a few weeks ago (I'm not sure exactly when), I am unable to preview my own posts. See attached screenshot for error message.
Files
Updated by Boone Gorges 4 days ago
Are you able to give some more precise details on what you're doing? Can you share the URL of a post that's exhibiting the problem?
Updated by Gina Cherry 4 days ago
It's every post on the CETLS website. It happens with posts that are still drafts and published posts that I am updating. All I'm doing is clicking on the Preview button in the Publish section, as I have always done to preview changes to posts.
Updated by Gina Cherry 4 days ago
Here's a post that I am currently working on (it's still in draft form) where I'm seeing this: https://cetls.bmcc.cuny.edu/wp-admin/post.php?post=7083&action=edit&classic-editor
Updated by Boone Gorges 2 days ago
- Assignee set to Raymond Hoh
Thanks for the additional details.
Ray, this appears to be related to changes to authentication for mapped domains. The 'Preview Changes' button is posting to cetls.bmcc.cuny.edu but then WP is redirecting to the non-mapped bmcccetls.commons.gc.cuny.edu link https://bmcccetls.commons.gc.cuny.edu/blog/2025/03/10/guided-course-tours-part-1/?preview_id=7083&preview_nonce=a6c0e9ffe5&_thumbnail_id=7099&preview=true. But this is failing due to a bad nonce check in _show_post_preview(). Not sure - are nonces specific to the domain? Or maybe specific to the login cookies for the requesting domain?
Is it possible for post previews to resolve to the mapped domain instead? I tried putting a backtrace in place to understand why it's pointing to the non-mapped domain, but I don't really grasp what's happening here.
Updated by Raymond Hoh 1 day ago
- Category name set to Domain Mapping
- Status changed from New to Resolved
- Target version set to 2.5.4
But this is failing due to a bad nonce check in _show_post_preview(). Not sure - are nonces specific to the domain? Or maybe specific to the login cookies for the requesting domain?
In #15833, we put in place a snippet to prevent post previews from being redirected to the mapped domain because we were using Mercator's built-in SSO method. However, we turned off Mercator's SSO in #21797. During this time, Gina experienced the problem with post previews because I forgot about this post preview redirect snippet and this caused the issue with post previews when on a mapped domain.
I've removed the post preview redirect in https://github.com/cuny-academic-commons/cac/commit/5e6d16d36cdabd025cde4b22d68633a8c5442e47 and also added the commit to production. Gina, you should be able to preview posts again. Apologies for the inconvenience!