From b2758c4494a05c85e3307bfc3ca89ed845ccdeda Mon Sep 17 00:00:00 2001
From: Peter Wilson <peterwilsoncc@git.wordpress.org>
Date: Tue, 9 Nov 2021 23:05:32 +0000
Subject: [PATCH] Login and Registration: Improve messaging for invalid log-out
 nonces.

Clarify messaging of when `wp_nonce_ays('log-out')` is called due to an invalid log out nonce. The HTML title now describes the action being taken rather than using the generic text "something went wrong".

Props davidkryzaniak, hellofromTonya, peterwilsoncc.
Fixes #52600.



git-svn-id: https://develop.svn.wordpress.org/trunk@52088 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-includes/functions.php | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/wp-includes/functions.php b/src/wp-includes/functions.php
index 58d762df80..b71a83761c 100644
--- a/src/wp-includes/functions.php
+++ b/src/wp-includes/functions.php
@@ -3469,12 +3469,17 @@ function get_allowed_mime_types( $user = null ) {
  * @param string $action The nonce action.
  */
 function wp_nonce_ays( $action ) {
+	// Default title and response code.
+	$title         = __( 'Something went wrong.' );
+	$response_code = 403;
+
 	if ( 'log-out' === $action ) {
-		$html = sprintf(
+		$title = sprintf(
 			/* translators: %s: Site title. */
 			__( 'You are attempting to log out of %s' ),
 			get_bloginfo( 'name' )
 		);
+		$html        = $title;
 		$html       .= '</p><p>';
 		$redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '';
 		$html       .= sprintf(
@@ -3494,7 +3499,7 @@ function wp_nonce_ays( $action ) {
 		}
 	}
 
-	wp_die( $html, __( 'Something went wrong.' ), 403 );
+	wp_die( $html, $title, $response_code );
 }
 
 /**