Dev news

Commit c1095a7e37 for wordpress.org

commit c1095a7e3774468c958e83af72d39d8564b1f918
Author: Weston Ruter <weston@xwp.co>
Date:   Sun Dec 14 22:30:33 2025 +0000

    Heartbeat: Handle race condition in `wp-auth-check` where `heartbeat-tick` may fire before `DOMContentLoaded`.

    Developed in https://github.com/WordPress/wordpress-develop/pull/10624

    Follow-up to [23805], [50547].

    Props westonruter, ArtZ91, siliconforks.
    See #23295.
    Fixes #64403.

    Built from https://develop.svn.wordpress.org/trunk@61379


    git-svn-id: http://core.svn.wordpress.org/trunk@60691 1a063a9b-81f0-0310-95a4-ce76da25c4cd

diff --git a/wp-includes/js/wp-auth-check.js b/wp-includes/js/wp-auth-check.js
index 44ff15a153..ff64573639 100644
--- a/wp-includes/js/wp-auth-check.js
+++ b/wp-includes/js/wp-auth-check.js
@@ -159,12 +159,23 @@
 			setShowTimeout();
 		});
 	}).on( 'heartbeat-tick.wp-auth-check', function( e, data ) {
-		if ( 'wp-auth-check' in data ) {
+		if ( ! ( 'wp-auth-check' in data ) ) {
+			return;
+		}
+
+		var showOrHide = function () {
 			if ( ! data['wp-auth-check'] && wrap.hasClass( 'hidden' ) && ! tempHidden ) {
 				show();
 			} else if ( data['wp-auth-check'] && ! wrap.hasClass( 'hidden' ) ) {
 				hide();
 			}
+		};
+
+		// This is necessary due to a race condition where the heartbeat-tick event may fire before DOMContentLoaded.
+		if ( wrap ) {
+			showOrHide();
+		} else {
+			$( showOrHide );
 		}
 	});

diff --git a/wp-includes/js/wp-auth-check.min.js b/wp-includes/js/wp-auth-check.min.js
index 9ebdb6c5fd..849ae3a356 100644
--- a/wp-includes/js/wp-auth-check.min.js
+++ b/wp-includes/js/wp-auth-check.min.js
@@ -1,2 +1,2 @@
 /*! This file is auto-generated */
-!function(i){var h,d,e;function r(){var e=window.adminpage,a=window.wp;i(window).off("beforeunload.wp-auth-check"),("post-php"===e||"post-new-php"===e)&&a&&a.heartbeat&&a.heartbeat.connectNow(),h.fadeOut(200,function(){h.addClass("hidden").css("display",""),i("#wp-auth-check-frame").remove(),i("body").removeClass("modal-open")})}i(function(){(h=i("#wp-auth-check-wrap")).find(".wp-auth-check-close").on("click",function(){r(),d=!0,window.clearTimeout(e),e=window.setTimeout(function(){d=!1},3e5)})}).on("heartbeat-tick.wp-auth-check",function(e,a){var o,t,n,c,s;"wp-auth-check"in a&&(a["wp-auth-check"]||!h.hasClass("hidden")||d?a["wp-auth-check"]&&!h.hasClass("hidden")&&r():(t=i("#wp-auth-check"),n=i("#wp-auth-check-form"),c=h.find(".wp-auth-fallback-expired"),s=!1,n.length&&(i(window).on("beforeunload.wp-auth-check",function(e){e.originalEvent.returnValue=window.wp.i18n.__("Your session has expired. You can log in again from this page or go to the login page.")}),(o=i('<iframe id="wp-auth-check-frame" frameborder="0">').attr("title",c.text())).on("load",function(){var e,a;s=!0,n.removeClass("loading");try{e=(a=i(this).contents().find("body")).height()}catch(e){return h.addClass("fallback"),t.css("max-height",""),n.remove(),void c.focus()}e?a&&a.hasClass("interim-login-success")?r():t.css("max-height",e+40+"px"):a&&a.length||(h.addClass("fallback"),t.css("max-height",""),n.remove(),c.focus())}).attr("src",n.data("src")),n.append(o)),i("body").addClass("modal-open"),h.removeClass("hidden"),o?(o.focus(),setTimeout(function(){s||(h.addClass("fallback"),n.remove(),c.focus())},1e4)):c.focus()))})}(jQuery);
\ No newline at end of file
+!function(i){var s,h,e;function d(){var e=window.adminpage,a=window.wp;i(window).off("beforeunload.wp-auth-check"),("post-php"===e||"post-new-php"===e)&&a&&a.heartbeat&&a.heartbeat.connectNow(),s.fadeOut(200,function(){s.addClass("hidden").css("display",""),i("#wp-auth-check-frame").remove(),i("body").removeClass("modal-open")})}i(function(){(s=i("#wp-auth-check-wrap")).find(".wp-auth-check-close").on("click",function(){d(),h=!0,window.clearTimeout(e),e=window.setTimeout(function(){h=!1},3e5)})}).on("heartbeat-tick.wp-auth-check",function(e,a){var o;"wp-auth-check"in a&&(o=function(){var e,o,n,t,c;a["wp-auth-check"]||!s.hasClass("hidden")||h?a["wp-auth-check"]&&!s.hasClass("hidden")&&d():(o=i("#wp-auth-check"),n=i("#wp-auth-check-form"),t=s.find(".wp-auth-fallback-expired"),c=!1,n.length&&(i(window).on("beforeunload.wp-auth-check",function(e){e.originalEvent.returnValue=window.wp.i18n.__("Your session has expired. You can log in again from this page or go to the login page.")}),(e=i('<iframe id="wp-auth-check-frame" frameborder="0">').attr("title",t.text())).on("load",function(){var e,a;c=!0,n.removeClass("loading");try{e=(a=i(this).contents().find("body")).height()}catch(e){return s.addClass("fallback"),o.css("max-height",""),n.remove(),void t.focus()}e?a&&a.hasClass("interim-login-success")?d():o.css("max-height",e+40+"px"):a&&a.length||(s.addClass("fallback"),o.css("max-height",""),n.remove(),t.focus())}).attr("src",n.data("src")),n.append(e)),i("body").addClass("modal-open"),s.removeClass("hidden"),e?(e.focus(),setTimeout(function(){c||(s.addClass("fallback"),n.remove(),t.focus())},1e4)):t.focus())},s?o():i(o))})}(jQuery);
\ No newline at end of file
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 77a7be96fc..6cf1a5bedd 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -16,7 +16,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '7.0-alpha-61377';
+$wp_version = '7.0-alpha-61379';

 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.