SOLVED: "Invalid Nonce" on Contact-Form tho only on the "main/home-page"

Omar · December 2, 2023, 7:18pm

Browser: Firefox Dev 121.0b6 (64-Bit) & Chrome 119.0.6045.200
OS: Windows 10 Pro - 22H2
URL: https://kampfsportschule-einherjar.de/
Video: Video Unavailable

Hello.
This error of not beeing able to send a successful message from the contact form is pretty new.
I have to add, i have recently added redis cache to this website, which can also be the cause of this error. The console is not giving me any valuable information and as you can see the “Nonce” Error appears only on the Homepage. Every other Page doesnt appear to be affected by this bug.

Any help is appreciated.
Thanks in advance.
Cheers Omar

timmse · December 4, 2023, 9:30am

Hi Omar,
Thanks so much for your report!

In most cases, the error message is actually related to caching. Please deactivate caching on the pages that contain forms and test again to see if it works.

Best regards,
timmse

Omar · December 4, 2023, 11:35am

Hey timmse, thanks for your fast response. Yeah i figured is it related to the caching. The Problem: the Contact form is located in the Footer and displayed on every page. So i was wondering if the problem may be something different than caching since the error only appears on the homepage and only there.

Cleared the Caching and its working fine again, but for how long is the question ?
All the best
Omar

charaf · December 4, 2023, 4:26pm

Hi @Omar,

We had an internal discussion and I think it’s best to work on a better solution for forms’ nonce generation (e.g. AJAX). We’ve added this to our to-do list. This would allow you to still use forms on cached pages without having to purge the cache every 8-12 hours.

Omar · December 4, 2023, 5:30pm

Hey @charaf, sounds like a nice solution, do you have an estimate on when this will be patched?

charaf · December 4, 2023, 6:04pm

Unfortunately I can’t promise an ETA for this one tbh

sphibberd · January 11, 2024, 12:12pm

Just seen this having had clients reported this back to me - this is a pretty major issue in the UK as ‘nonce’ is British slang for a pedophile.

I’m not using a cache plugin so am exploring removing the Bricks Contact Form element from all sites

charaf · January 15, 2024, 2:10pm

As you may already know, in web development, “nonce” stands for a “number used once” and is used for security purposes. Understanding the different cultural interpretations of this term, I will create a ticket to revise the user-facing error message to something more neutral.

sphibberd · January 15, 2024, 6:13pm

Thank you Charaf, that’s really appreciated

SinjoriS · January 16, 2024, 6:53pm

Hi Charaf,

I just sent an email to support regarding this problem. As I wrote there, I used Fluent forms on more than 20 Sites (all hosted on the same Litespeed server) and Litespeed cache plugin. None of them had or have that issue. However, when I start to use the Bricks form element (I have it on 2 of my recent Sites) I start having this problem. So, they are all on the same server (Litespeed) with Litespeed cache. None of the Sites that use Fluent form have any issues. Sites with Bricks form does.

I think Bricks support has to raise that case because we can’t use cache plugins due to that reason. It’s easy to exclude several pages from cacche, but what to do if the form if in the footer, or it is part of the single template for all custom post types - as I have the case? That’s not just the “Contact form” but most of the pages on the Site.

However, maybe the meanwhile solution could be to use the ESI nonce feature in Litespeed cache: Cache WordPress Nonces with ESI ⋆ LiteSpeed Blog - so I kindly please help me with that. What should I write there?
For instance, for the Divi form there are some hints:

et-pb-contact-form-submit
et_frontend_nonce
et_ab_log_nonce

But I have no clue what should I write for Bricks form. Could you please check that?
I am not sure if that will help, but I can try.

Thank you very much.
Best regards

sinanisler · January 16, 2024, 7:19pm

waiting for this as well.
thanks

SinjoriS · January 17, 2024, 6:52am

Just got feedback from Litespeed Support.
They said we can use a feature called ESI nonce in their plugin (but not sure how Bricks could solve that problem for other cache plugins).

They asked Bricks team for a “nonce name” for Bricks form, so we could exclude that nonce from caching.
@charaf - could you please provide that info, so we can solve issue, while we are waiting Bricks team to come up with better solution?
P.S. Please, check also my previous comment!

Thank you very much!

aaskw · January 29, 2024, 6:46pm

I am also following this

Omar · February 5, 2024, 12:29pm

For my case, i am using Cloudflare with the plugin “Super Page Cache for Cloudflare” with Redis Object Cache.

For anyone with a smiliar issue you can use this script which will clear your cache every 6 hours:

$interval = 6 * 60 * 60; // 6 Hours in Seconds
add_action('init', function() {
    if (!wp_next_scheduled('custom_cache_purge')) {
        wp_schedule_event(time(), 'hourly', 'custom_cache_purge');
    }
});

add_action('custom_cache_purge', function() {
    do_action('swcfpc_purge_cache');
});

Cheers Omar

timmse · February 9, 2024, 10:16am

Hi guys,
We’ve fixed this issue in Bricks 1.9.6, now available as a one-click update in your WordPress Dashboard.

Changelog: Bricks 1.9.6 Changelog – Bricks

Please let us know if you are still experiencing issues.

Best regards,
timmse

Omar · February 12, 2024, 2:52pm

Hey @timmse @charaf and everyone who has worked on this. Was testing it the last couple of days and it works flaweless, thank you for the fast fix!

Best Regards
Omar